[ previous ] [ next ] [ threads ]
 From:  "Sancho2k.net Lists" <lists at sancho2k dot net>
 To:  Peter Allgeyer <allgeyer at web dot de>
 Cc:  Braden McGrath <braden at mcmail dot homeip dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Why I left M0N0Wall
 Date:  Tue, 29 Mar 2005 11:12:16 -0700
Peter Allgeyer wrote:
> Am Dienstag, den 29.03.2005, 09:05 -0500 schrieb Braden McGrath:
>> Plus, pf does both shaping/queuing and rules all in the same
>> system, no more "two pronged" attack like we have currently with
>> ipfw/ipfilter.
> But pf needs proxy services in userland for not so simple
> tcp-protocols like FTP and SIP. There are many pro and cons. If you
> just need pf, then pfsense might be worth looking at.

No, FTP works fine natively both inbound and outbound through pf.
ftp-proxy is for (as it's name implies) proxying FTP for greater
control. See ftp-proxy(8) on OpenBSD box. As for SIP, I've never heard
of that requiring a userland tool either.