Peter Allgeyer wrote:
> Am Dienstag, den 29.03.2005, 09:05 -0500 schrieb Braden McGrath:
>> Plus, pf does both shaping/queuing and rules all in the same
>> system, no more "two pronged" attack like we have currently with
> But pf needs proxy services in userland for not so simple
> tcp-protocols like FTP and SIP. There are many pro and cons. If you
> just need pf, then pfsense might be worth looking at.
No, FTP works fine natively both inbound and outbound through pf.
ftp-proxy is for (as it's name implies) proxying FTP for greater
control. See ftp-proxy(8) on OpenBSD box. As for SIP, I've never heard
of that requiring a userland tool either.