On Fri, 20 May 2011 17:49:22 -0500, John Jackson wrote: >On Sat, May 21, 2011 at 08:26:50AM +1000, Rod Whitworth wrote: >> Better tha >> iptables? >> http://www.esecurityplanet.com/news/article.php/3934151/Fedora-15-Boosts >> -Linux-Security.htm >> maybe... >> >> But apps opening pinholes? > >That's just asking for trouble! > >> >> Oh dear. >> >> Those of us running pf for years know that being able to do rule >> changes on the fly is a Good Thing(tm). > >It's actually quite easy to make on the fly changes with iptables. The >author may have misquoted.
Hardly. It is the entire rationale for having the new firewall. *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.