firewall technology (was Re: [PLUG] Good link...)

[Charlie Schluting]

Chris Jantzen wrote:
> 
> I'm sorry. I consider that flamebait. I find netfilter to be perfectly
> easy to understand and extremely logical. I just read the pf FAQ on
> openbsd.org and I see there are some plusses and minuses to its
> syntax, but I'd never call it "far superior".

Just my opinion... speaking strictly about syntax.

I'd say you can't "Just Look" at a netfilter rule and know what it does.
"-j? -m? -A? -i? What's all that do?"
Its just not as straightforward, IMHO.

I didn't mean to offend you.

-Charlie