i thought the nat in ipfw is as elegant as in iptables :)
but it is good to know that because different opinion actually is a chance to 
and why not share with us why the ipfw nat is cumbersome or how to be not 

> -----Original Message-----
> From: owner-freebsd-curr...@freebsd.org [mailto:owner-freebsd-
> curr...@freebsd.org] On Behalf Of Allan Jude
> Sent: 22 July, 2014 7:13
> To: freebsd-current@freebsd.org
> Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ?
> On 2014-07-21 09:57, bycn82 wrote:
> > There is no doubt that PF is a really good firewall, But we should
> noticed that there is an ipfw which is originally from FreeBSD while PF
> is from OpenBSD.
> >
> > If there is a requirement that PF can meet but ipfw cannot, then I
> think it is better to improve the ipfw. But if you just like the PF
> style, then I think choose OpenBSD is the better solution. Actually
> OpenBSD is another really good operating system.
> >
> > Like myself, I like CentOS and ipfw, so no choice :)
> >
> >
> The only thing I've really found lacking in IPFW is the NAT
> implementation. Specifically, when trying to do port-forwarding. All of
> the rules have to go in the single 'ipfw nat' rule, and it makes it
> cumbersome to manage.
> --
> Allan Jude

freebsd-current@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to