|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)
spork (spork
super-g.com)
Mon, 15 Nov 1999 13:59:55 -0500 (EST)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Kris Kennaway: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Previous message: Mike Tancsa: "Re: what are these ICMP logs ???"
- In reply to: nerle: "what are these ICMP logs ???"
- Next in thread: Kris Kennaway: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Next in thread: Bill Fumerola: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Reply: Kris Kennaway: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Reply: Guido van Rooij: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
I noticed that ipfilter is still gone... Was there any resolution here,
or is ipfilter gone for good?
All other concerns/features aside, I find the stateful inspection stuff
much easier to setup than the ipfw filtering... I only touch my firewall
once in a blue moon, and just about everything except for streaming
quicktime "just works". It would be a shame to see such a useful piece of
software go away.
My $0.02,
Charles
On Wed, 13 Oct 1999, Darren Reed wrote:
> Well, if someone had of answered my question (to cvs-committers)
> about getting an account fixed up on freefall(?) so I could use
> cvs again, it might not have been forgotten about for quite so
> long. Maybe I sent the question to the "wrong place", but I
> received no answer to even indicate that! hmpf!
>
> On a conspirital note, I think there are numerous ipfw advocates
> within freebsd who hate that ipfilter is better >;-) Both NetBSD and
> OpenBSD ship with it, and if you're serious about security, maybe
> you should be using OpenBSD anyway, rather than FreeBSD.
>
> Darren
>
> In some mail from Thomas Stromberg, sie said:
> >
> > http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/ipnat/Attic/Makefile
> > ------------------------------------------------------------------------
> > 1.2 Sun Oct 10 15:08:35 1999 UTC by peter
> > CVS Tags: HEAD
> > Diffs to 1.1
> > FILE REMOVED
> >
> > Nuke the old antique copy of ipfilter from the tree. This is old enough
> > to be dangerous. It will better serve us as a port building a KLD,
> > ala SKIP.
> > ------------------------------------------------------------------------
> >
> > Although a heads up in -CURRENT or -security about this would of been
> > nice, ye old ipfilter is gone. I definitely cannot disagree with the
> > fact that it is an antique copy, and it's a shame that no one seems to
> > be taking care of it in the tree. At least in the past, ipfilter was for
> > many a much better option then ipfw. Has ipfw improved to the point
> > where it functions better as a company firewall then ipfilter? (Okay, so
> > the group & user firewalling is neat, but not really applicable for a
> > corporate border firewall)
> >
> > ipfilters website: http://coombs.anu.edu.au/~avalon/ip-filter.html
> >
> > For why I feel ipfilter is better then ipfw (this post was written back
> > in December '98, ipfw may have changed greatly since):
> >
> > http://www.freebsd.org/cgi/getmsg.cgi?fetch=117538+122112+/usr/local/www/db/text/1998/freebsd-current/19981227.freebsd-current
> > (the big 'wanton atticizing discussion')
> >
> > A summary of it being:
> >
> > - Multiplatform. Runs on IRIX, Solaris, Linux. Comes shipped with
> > FreeBSD, OpenBSD, and NetBSD. Keeps us in sync with the other BSD's.
> > - Better logging then ipfw (has ipfw improved? Thats why I switched to
> > ipfilter in the first place)
> >
> > It's a shame that no one seems to want to maintain ipfilter in our tree.
> > As far as a 'port building kld', I think this may not be the 'smartest'
> > way, seeing as anyone who is running a serious firewall would disable
> > kld's immediately anyhow.
> >
> > So my question is, what's the direction we're taking here?
> >
> > --
> > =======================================================================
> > Thomas Stromberg, Assistant IS Manager / Systems Guru
> > smtp://tstrombergrtci.com Research Triangle Commerce, Inc.
> > pots://919.380.9771 x3210
> > =======================================================================
> >
> >
> > To Unsubscribe: send mail to majordomoFreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
>
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Kris Kennaway: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Previous message: Mike Tancsa: "Re: what are these ICMP logs ???"
- In reply to: nerle: "what are these ICMP logs ???"
- Next in thread: Kris Kennaway: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Next in thread: Bill Fumerola: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Reply: Kris Kennaway: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
- Reply: Guido van Rooij: "Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)"
This archive was generated by hypermail 2.0b3 on Mon Nov 15 1999 - 13:00:05 CST