Hey there I would certainly love to see pf ported. We run a number of linux servers and I like to have them run their own firewalls as a final line of defence. Unfortunately that means running iptables and, to be honest, I just can't stand that firewall. Simply having the firewall rules in one file (ala pf.conf) rather than executing commands to add rules to an in memory list/table is just so much nicer. I am sure we have all had our "firewall.sh" file with one "/sbin/iptables BLAH" with a syntax error that then screws up the whole ruleset. Most annoying. Add to that the wonderful pf syntax, the wicked speed (especially when keeping state), the shaping and, yeah, well, I see pf as just so much nicer.
I am sure there are those that would disagree but I have just loved pf ever since I started using it. So, yes, if anyone hears of anything of pf being ported to linux, do post to the list! Andrew --- Sean <[EMAIL PROTECTED]> wrote: > Douglas Santos wrote: > > On Tue, Oct 19, 2004 at 09:08:50PM +0100, Ed wrote: > > > >>-----BEGIN PGP SIGNED MESSAGE----- > >>Hash: SHA1 > >> > >>Hello Guys, > >> > >>Has anyone ported pf for use on linux kernels? I like the firewall > so > >>much I want to use it on the debian systems. > > > > > > Why not to use it on OpenBSD? > > > > That's a very helpful comment, Douglas. > > Anyway, to address the original posters question, the only systems > I've > seen pf ported to are FreeBSD and NetBSD. There was some talk about > porting pf to linux 2.6 on a security list early this year, but I've > haven't seen anything since. > > Sean > Find local movie times and trailers on Yahoo! Movies. http://au.movies.yahoo.com
