[CentOS] What is the difference between port filtering and packet filtering?

Peter Serwe peter at infostreet.com
Fri Feb 9 00:35:45 UTC 2007


mouss wrote:
> depends on your situation. if you don't have performance issues and no 
> special configuration needs, then a low end commercial firewall would 
> be enough. otherwise, you need to take the time to learn iptables, or 
> find someone to help you build your firewall.
>
> there are guis available. google is your friend. one that comes to 
> mind now is fwbuilder.
Personally, if I was using the box as a firewall, lightweight network
utility, VPN, router, NAT, or whatever else a typical gateway might
handle, I'd run it on BSD and PF in a heartbeat over iptables. Linux's
general adhesion to the ridiculously obtuse and difficult
ipchains/iptables legacy is extremely unfortunate at best, and IMO, far
less functional. Your entire PF configuration file (amazingly) named
/etc/pf.conf can be easily less than 15 lines and cover quite a lot of
ground.

Kinda reminiscent of the old IPFW, only evolved about 200 years, which
would make it 10,200 years more evolved than ipchains/iptables.

:P

(*climbing back into Nomex in nuke bunker*)

Peter

-- 
Peter Serwe <peter at infostreet dot com>

http://www.infostreet.com

"The only true sports are bullfighting, mountain climbing and auto racing." -Ernest Hemingway

"Because everything else requires only one ball." -Unknown

"Do you wanna go fast or suck?" -Mike Kojima

"There are two things no man will admit he cannot do well: drive and make love." -Sir Stirling Moss



