*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
i've been reading the docs on setting up the packet filter on an OBSD system, but i can't tell yet if PF has added functionality over iptables. if you know of any filtering abilities that are unique to OBSD, i would like to hear about them.
I believe that pf allows for stateful filtering of all protocols where iptables does not,or needs patching to do full stateful filtering?? I do know that the syntax is way way easier to use ,as it is almost straight english. http://www.benzedrine.cx/pf.html is a very good source for pf info
i am to understand that linux can do stateful filtering, but i'm not certain. the more i read about PF, the more i prefer its syntax and setup to that of iptables. time to go back to the docs and get this thing configured...
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Well I haven't looked at iptables too closely, but I do know that pf has an ability to allow only authenticated connections with authpf. I'm not aware of a similar function in iptables.
The main advantage of pf as far as I'm concerned is the syntax and keywords are actually readable. iptables is the worst and most obscure command line packet filtering I've seen as far as usability. Oh, also pf is supposedly the fastest of the open source packet filters, but I cannot confirm that.
Last advantage, you don't need multiple confusing chains of rules operating on the same packet. You just write out the commands to do exactly what you want and you don't have to worry about whether it's in the right chain, whether a chain behind it will block the packet, etc.