iptables as a replacement for commercial enterprise firewalls - NOT
Posted by: Anonymous
on December 15, 2007 02:13 PM
Of course you do not use iptables but pf (OpenBDS). The logging mechanism of the iptables is so stupid: why do you have to write a rule for logging. It should be a paramater like ipchains had (-l) and pf (log) does. Real firewalls log every rule indepentedly.