10th June 2008
phoenix
phoenix phoenix is offline
Risen from the ashes
Join Date: May 2008
Posts: 696

Originally Posted by halber_mensch
iptables has a confusing syntax to me, and it's overly complicated. pf actually has a well defined language for declaring firewall rules that's pretty intuitive.

pf's in-kernel NAT also sets it apart from ipfw with its less reliable userland NAT daemon
ipfw(8) in FreeBSD 7+ includes in-kernel NAT. See the nat keyword in the man page. It's not as intuitive as pf's, but it's there.

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
