Whenever I touch a Linux system I’m amazed that nobody’s written anything better than iptables yet.
@jogbert It's horrible. Yet I rarely have to touch it. ufw does fine for laptops and simple servers, and I use firehol for complex routers.
@dsilverstone Just little things, like “log AND accept/drop” shouldn’t need to be two rules. :-(
@jogbert Mmm, OTOH it's pretty extensible/sane overall.
@dsilverstone I’d rather something like OpenBSD’s pf. Readable yet powerful (and just one config file).
@jogbert I've never been near enough OpenBSD's pf to compare it with iptables. Due to the rest of OpenBSD being worse than paedophiles.
@dsilverstone I don’t touch OpenBSD much. But FreeBSD uses pf too :-)
@jogbert Never been close enough to FreeBSD's pf due to the rest of FreeBSD being worse than IBM. :-) (I just dislike BSDs :-)
May 27, 2013 · 4:35 PM UTC

