On Friday, November 11, 2011 11:49 AM, Craig White wrote: > > If you want something heavy duty you could simply 'apt-get install > shorewall'' but I suspect that you just want to be pedantic. The point > that Lamar made - that was that there wasn't any firewall installed by > default at all, which I agreed with. > I have seen shorewall generated rules. Far way too much branching off and following rule paths is a pain. For small setups, yes, it will do. But if you need to handle high traffic and therefore optimize the rules, forget it. > Now if it's package quantity vs. quality type of discussion that you > want to have... yes, there are some packages that Ubuntu has that don't > interest me in the least but the quantity can be mind boggling. For > example (and in my sphere of interest), Ubuntu has pre-built packages > for netatalk, davical& bacula which I use everywhere and I am building > them from source for RHEL or CentOS deployments. To be fair however, I > did have to build cyrus-imapd from source on Ubuntu whereas Simon's > packages for RHEL/CentOS are terrific. > 1) Not all packages in the provided repos are Canonical supported. Most of them are actually third-party aka 'community' maintained or unmaintained even and 2) You can get a similar if lesser experience with regards to quantity if you also add third-party repos on RHEL/Centos. Just because you don't get third-party packages available without a bit of tinkering is not that much of a plus for Ubuntu. > Then there's the utility of aptitude/apt-get vs. yum where I can deploy > and dynamically manage 'holding' packages on Ubuntu which is simply not > available with an rpm/yum package provider. Yum/rpm is good, apt/dpkg is > better. > I can play that game too. apt/dpkg is good but yum/rpm is better because it gives me 1) checksums and 2) multi-arch support. > Linux is pretty much still Linux and one thing has become obvious since > I started playing around with Ubuntu the last 7 or 8 months... that my > skills have improved by learning how the other half lives. I still love > Red Hat stuff, still use Fedora for my desktop. Some things Ubuntu does > better, some things I much prefer Red Hat methodology. In the end, it's > still Linux. > > I just can't embrace installing an OS whose security updates have > consistently lagged 3-6 months behind. > > I would not have said much if you have pushed Debian but Ubuntu? It's a joke. I only happen to have one Ubuntu Hardy server because I did not have a Centos disk at hand when I had to do an emergency installation of a box to take over the predecessor's read RH9 squid/nat box. I have no qualms learning the ropes of another distro but the Ubuntu distro takes the cake for faking a community and having tools that are way behind those available with RHEL/Centos. Does d-i support/have lvm on raid recipes yet?