
RE: Linux port of pf



> -----Original Message-----
> From: Ed [mailto:[email protected]]
> Sent: Wednesday, October 20, 2004 1:09 PM
> Cc: [email protected]
> Subject: Re: Linux port of pf
> 
> 
> On Tue, 19 Oct 2004 19:11:13 -0400
> David Snyder <[email protected]> wrote:
> 
> > I've been trying to make some halting efforts to try and port pf to
> > Linux (I use Slack -- as well as OBSD, of course).  I haven't seen
> > anything on the Net about pf on Linux, so I've concluded that no one's
> > looked at porting pf to Linux.  That's too bad, 'cause pf beats the
> > hell out of iptables for ease of use, configuration, etc.  Since a lot
> > of the details of, for example, building a lkm, the net interface for
> > Linux and writing a Makefile, it's going to be awhile before I have
> > anything vaguely useful.  So, in other words, don't hold your breath.
> 
> Thank you very much for your time.
> 
> I find iptables such a royal PITA. I bought Building Firewalls with
> OpenBSD and PF 2nd edition as I could not get my head around the binat
> keyword, as it was far too easy for me to understand. The rest of the
> book is pretty good, anyway, I'm sidetracked now. Ah yes. I've been
> using the same iptables firewall script for 3-ish years, maybe more now
> simply because I could never reconstruct it from scratch without taking
> a week off from my normal duties. I can whip up a pf rule set in no
> time.
> 
> I find the opposite when it comes to other things like running the
> latest GAIM version because darn Yahoo or MSN change their protocol,
> getting everything up to date just takes longer. apt-get install gaim, on
> a Debian system gets it right.
What's so hard about 'portupgrade gaim' or 'pkg_add -r gaim'?
But, then again, why are we running gaim on a machine that is a firewall...
I don't think it is any harder, it's just a matter of how you do it. =)
> 
> PF on linux would be 'awesome', so long as it did not become like the XP
> firewall.
> 
> - -- 
> Ed. Debian 3. OpenBSD 3.5. Two things came out of berkeley: BSD and 
> LSD. Don't think this a coincidence. Can't cross chasm in small jumps
> PGP KeyID 04EDACDA A0F3 44E9 C367 C6C1 C891 4C71 69AF 3CF5 04ED ACDA 