Quote:
Originally Posted by halber_mensch
iptables has a confusing syntax to me, and it's overly complicated. pf actually has a well defined language for declaring firewall rules that's pretty intuitive.
addendum:
pf's in-kernel NAT also sets it apart from ipfw with its less reliable userland NAT daemon
|
ipfw(8) in FreeBSD 7+ includes in-kernel NAT. See the
nat keyword in the man page. It's not as intuitive as pf's, but it's there.