OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
Comments

<< Re: iptables | Up: Re: iptables | Flattened | Expanded | Re: iptables >>

Threshold: Help

  Re: iptables (mod -13/91)
by Steph L (Stephane.Lentz@ansf.alcatel.fr) on Tue Mar 25 21:02:00 2003 (GMT)
mailto:Stephane.Lentz@ansf.alcatel.fr
  I thought that IPTABLES did stateful inspection (http://www.sns.ias.edu/~jns/security/iptables/
mentions it does for instance).
Are you sure.

In some Linux French Magazine some guy mentionned
in some IPTABLES/NETFILTER vs PF comparison that :
- PF lacks some modules to follow some connections that Netfilter offers.
Example: IRC module (for DCC traffic)
- PF lacks fronts-end (IPTABLES offer many)
- PF lacks load-balancing

He mentions that add-ons such as authpf, normalization are really valuable.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]
      Re: iptables (-14/96) by Dries Schellekens on Tue Mar 25 22:30:00 2003 (GMT)
        Re: iptables (12/94) by Dries Schellekens on Tue Mar 25 22:32:00 2003 (GMT)
      Re: iptables (-6/90) by RC on Tue Mar 25 22:50:00 2003 (GMT)
      Re: iptables (5/89) by Alejandro Belluscio on Wed Mar 26 16:59:00 2003 (GMT)

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. Some icons from slashdot.org used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]