> Hi all! > > I would like to start a debate on this subject. Which method of > enabling > PF is the more secure (buffer overflow for example), the fastest, the > most stable, etc. I searched the web for some info but without result. > So I would like to know your opinion on the pros and cons of each > method.
For production Freebsd based firewalls I have always built the kernel with PF. The idea being that if something does go pear shaped, there's a good chance that at least the packet filter will stay operational. OpenBSDs standard pre loaded /etc/rc filter (which drops everything except ssh & IIRC dns) would also be nice, but my understanding is that to implement it on Free would break the startup elsewhere. Greg _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
