[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf question



  Syntax is very similar between the two but not the same. I have
personally found pf ruleset being clearer.  
There are many different features and concepts only present in one of
the two packages.
I found important for the transition from ipf to pf to understand the
differences in packet processing sequence. Compare the flow charts for
pf http://homepage.mac.com/quension/pf/flow.pngand or
http://mniam.net/pf/pf.png and for ipf
http://coombs.anu.edu.au/~avalon/ipfil-flow.html .
You will notice differences, (when the translation occurs, for example)
which will affect your ruleset transition. 
A bit outdated but helpful article:
http://www.onlamp.com/pub/a/bsd/2002/04/11/securing.html

Regards,
Janusz
    

-----Original Message-----
From: Matt [mailto:mhersant_(_at_)_comcast_(_dot_)_net] 
Sent: Thursday, October 07, 2004 3:36 AM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: pf question


I have a quick question on pf.  I've traditionally used ipf on FreeBSD
and Solaris.  Are pf and ipf the same?  I have already read the faqs on
pf. They appear to be the same, or at least very similar.  If they are
different, are there advantages to using pf?  Any advise of help is
appreciated.


______________________________________________

Modigliani: Beyond the Myth
Experience the works of a bohemian genius.

The only Canadian venue. Opening October 23rd.

Tickets on sale now - Call 416-979-6608.
Members visit free. Join today.

Art Gallery of Ontario - http://www.ago.net
______________________________________________