On Mon, 4 Mar 2002, christian void wrote: > > > That being said, an ncurses gui to linux rules is a godsend, those > > rules being almost as hard on the eyes as perl. > > because they suck.
also... netfilter and iptables have only been out for a short while. trusting that over something with a long track record of stability and performance like ipfilter doesn't make me sleep well (this is also the same reason i haven't switch to pf yet). i know how to build iptables rules tho. i just don't encourage its use because well... it sucks. and why encourage the use of something that sucks? > > I do prefer OpenBSD as the border firewall though. PF rules are just > > dreamy. > > if the box needs to be secure, regardless of where it is, it should be in > a dmz behind a firewall, or in a secure enclave within an organization. lately, i've been fantasizing about an invisible bridging firewall. http://openlysecure.org/openbsd/how-to/invisible_firewall.html =jay _______________________________________________ Bits mailing list [EMAIL PROTECTED] http://www.sugoi.org/mailman/listinfo/bits
