Re: pf compatiblity w/ other unix OS

[Chris <sea_dragons@mac.com>]

On Monday, June 3, 2002, at 03:33  AM, Theo de Raadt wrote:

>> On Mon, Jun 03, 2002 at 04:11:20PM +0800, Lars Hansson wrote:
>>> I'm perfectly happy with pf not having these features and I hope most 
>>> of them
>>> never gets implemented in pf at all.
>>
>>   Ehm, the lack of load balancing and rate limitation is why my company
>> dropped OpenBSD firewalls for Linux.
>
> Right.  Which is precisely why you are unaware that with altqd(8),
> these components have have been in the tree for 2 releases.
>
> Man, this list sure is full of uninformed persnickety people.... On all
> sides.

This point reminds me somewhat of a friend who works for Microsoft.  He 
was trying to explain why IIS was the greatest thing since sliced bread 
and why Apache was an amateur's toy not ready for prime time.  Among 
other things, he said Apache did not do load balancing.  I puzzled at 
this for a while.  Why on Earth would you expect a web server to contain 
load-balancing code when a Google search turns up several load-balancing 
solutions which can already be used with the seb server (and while 
http://uptime.netcraft.com/up/graph/?mode_u=on&mode_w=on&site=64.4.8.23 
reveals, years after Microsoft's purchase, an Apache server)!   (This 
guy's home server went offline when my Apache logs started filling with 
Nimda-related requests, not from infection, but from well-placed fear.  
Just how good is this thing he says I should buy?)

The complaint seems to reflect an expectation to find bloated software 
which tries to contain all features of every other piece of software 
that anyone might want to run on the system.  IP tables might be good, I 
don't know ... does it let me edit outgoing email?

Best wishes,	
	--Chris