|
||||||||||
Peter Allgeyer wrote: > Am Dienstag, den 29.03.2005, 09:05 -0500 schrieb Braden McGrath: > >> Plus, pf does both shaping/queuing and rules all in the same >> system, no more "two pronged" attack like we have currently with >> ipfw/ipfilter. > > But pf needs proxy services in userland for not so simple > tcp-protocols like FTP and SIP. There are many pro and cons. If you > just need pf, then pfsense might be worth looking at. No, FTP works fine natively both inbound and outbound through pf. ftp-proxy is for (as it's name implies) proxying FTP for greater control. See ftp-proxy(8) on OpenBSD box. As for SIP, I've never heard of that requiring a userland tool either. DS |