On 05/20/2011 05:26 PM, Rod Whitworth wrote:
Better tha
iptables?
http://www.esecurityplanet.com/news/article.php/3934151/Fedora-15-Boosts
-Linux-Security.htm
maybe...
But apps opening pinholes?
Oh dear.
Those of us running pf for years know that being able to do rule
changes on the fly is a Good Thing(tm).
And I think that we'd all laugh at unpriveleged apps messing with the
rules.
I just thought I'd share my amusement at this announcement.
*** NOTE *** Please DO NOT CC me. I<am> subscribed to the list.
Mail to the sender address that does not originate at the list server is
tarpitted. The reply-to: address is provided for those who feel compelled to
reply off list. Thankyou.
Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.
Wonder if it's related to this, in recent Linux kernel release 2.6.39:
http://www.h-online.com/open/features/Kernel-Log-Coming-in-2-6-39-Part-1-Network-drivers-and-infrastructure-1227053.html
Basically, iptables (which didn't really have user-visible tables at
all, from what I can tell) finally gets something akin to pf's
<tables>. But damn, using _dbus_ to update them?
Not knocking Linux; I use it, too (hell, iz in ur TV). But not for
firewalls.
