10. Parsing IPTABLES config files excellent preparation for subsequent learning of Asian pictograph-based languages.
9. Standard logging via syslogd helps eliminate clutter in /var/log. 8. GPL prevents Steve Jobs from stealing your code. 7. Simplistic man pages encourage development of social skills via mailing lists. 6. Multiple distributions, versions, kernels, modules, plugins, etc. keep hackers confused as to exactly what they're attacking. 5. "Mangle" just sounds so much more 133+ than "Scrub". 4. Complexity of structure leads to more opportunities for obfuscation and subsequent job security. 3. New and experimental kernel modules make life exciting again. 2. GUI and Web based utilities mean that anyone can set one up without knowing what they're doing. And the number one reason IPTABLES is better than PF: 1. No distracting arguments about whether to port it to OpenBSD. -- Jeff Simmons [EMAIL PROTECTED] Simmons Consulting - Network Engineering, Administration, Security "You guys, I don't hear any noise. Are you sure you're doing it right?" - My Life With The Thrill Kill Kult