[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Create a canned "Firewall Build" or RFHH

To: misc@openbsd.org
Subject: Re: Create a canned "Firewall Build" or RFHH
From: Henning Brauer <lists-openbsd@bsws.de>
Date: Fri, 22 Feb 2002 11:24:52 +0100
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <20020222082139.GD8804@tika.solstaden.arnholm.nu> <200202220848.g1M8mPWU031155@cvs.openbsd.org>

On Fri, Feb 22, 2002 at 01:48:25AM -0700, Theo de Raadt wrote:
> > On Thu, Feb 21, 2002 at 06:49:30PM -0500, Peter Masloch wrote:
> > > > > we're causing businesses to run less securely than they would
> > > > > if a truly easy-to-set-up OpenBSD firewall were available.
> > > > By their very nature firewalls should not be plug and play.  If you can't
> > > > figure out what every line of your pf rules do, you shouldn't be setting
> > > I believe there is already a CD which you can use to start out with:
> > > OpenBSD 3.0 IPF
> > > I know, it is not a complete fw but a good start.
> > Is there any big bifference in using that instead of the default OpenBSD
> > 3.0 distribution. Yes, IPF has been in the game a loger time, but
> > OpenBSD 3.0 has worked good too.
> Well, I think you might as well get used to pf.

Plus, you will get a hughe performance increase. pf performs by more han
factor 4 better than IPF for me.

-- 
http://2suck.net/hhwl.html
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

References:
- Re: Create a canned "Firewall Build" or RFHH
  - From: Anders Arnholm <anders@Arnholm.nu>
- Re: Create a canned "Firewall Build" or RFHH
  - From: Theo de Raadt <deraadt@cvs.openbsd.org>

Prev by Date: Re: Configuration file
Next by Date: Re: Create a canned "Firewall Build" or RFHH
Prev by thread: Re: Create a canned "Firewall Build" or RFHH
Next by thread: Re: Create a canned "Firewall Build" or RFHH
Index(es):
- Date
- Thread