Er... ipfilter and ipfw both have had stateful inspection much longer than netfilter. Plus, netfilter has the unfortunate handicap of only running on linux, and I *absolutely will not trust linux to protect my lan*! It's great for a lot of other things, but too many kernel level vulnerabilities keep turning up. That and netfilter hasn't been around for several years.
On Fri, 2002-05-31 at 12:22, Alejandro Flores wrote: > Hello, > > NETFILTER does Statefull Inspection. It's a great plus for a firewall. > If you don't know about Statefull Inspection, tell us. > > See ya, > Alejandro Flores > Security Consultant > http://www.ipad.com.br/ > http://www.spyket.com.br/ > > > > > Hello all, > > > > I was just wondering which is a better open source solution for Firewall, > > IPFILTER with BSD flavors (openbsd, freebsd), or NETFILTERS with Linux, can > > somebody please tell me the pluses and minuses of both. > > > > Thanks in Advance > > Tsingh >
