Re: [Sheflug] Re: [Sheflug] Re: Suggestions of distro?

[Richard Lowe <xxxxx [at] xxxxxxxxxxxx>]

* Chris J (cej [at] nccnet.co.uk) wrote:
> 
> Richard doodled:
> > * Chris J (cej [at] nccnet.co.uk) wrote:
> >> The difficult part with OpenBSD
> >> is the disk  partitioning as on x86 architecture you have to partition
> >> the disk with a  *single* partition (well you can use two or more, but
> >> that gets interesting),  and within that one partition you create a
> >> disklabel - it doesn't use  "standard" partitions, per se.
> >
> > Or when it says "Use entire disk for OpenBSD [y/N]" say Y :)
> >
> 
> Hmm...I've never had the benefit of using that option, always setting the
> thing up on a single disk to dual or tri boot between OS's. Even on my
> firewall box it shares space with Win95 (which I need in case I call Telewest
> out at some point so I have a "supported" OS).
>

I'm in the... errrrrr.... I guess in this case lucky, position of
sharing 33.6 dialup. :)


> >
> > The FAQ and install stuff is really well written, I think.
> 
> Agreed - OpenBSD's documentation, from the FAQ (which is effectively the
> users manual) to the man pages are clear and consise and most importantly, up-
> to-date. Something that can't be said for bits of Linux documnetation
> (especially with GNU's "man pages are obsolete" attitude).
> 

I wouldn't mind that so much, if had enough usability, for me to read
the info documentation in it :)

> >> Thus, there's a fair change under the hood to the firewalling for  Open
> >> 3.0, and some grammer changes needed to the filter and NAT rulesets you
> >> have.
> >>
> >
> > Not many, most for the better IMHO (being able to list
> > ports/hosts/protocols in a single rule, is *nice*).
> >
> 
> Yes, I did read that the new filter (called pf [packet filter]) is a lot more
> flexible than ipf was.

It would seem that a lot of the changes they wanted to make to ipf, but
were rejected, are going in there.  I'm not sure though.

> >
> > My router is running 3.0-stable, and I have a machine here (x86) running
> > -current, but I'm not much help regarding grammer changes, since I
> > haven't used it for packet filtering before now.
> >
> 
> I think the rules affect the NAT more than the filtering, but with the
> expanded syntax it may be possible to consolidate the original ipf ruleset so
> there are less rules ... which makes maintaining it a fair chunk easier.
> 
> Chris...
>

And since I use ppp(8) nat is handled by 'nat enable yes', 'nat
same_portes yes' in ppp.conf :)

[ Richard Lowe - richlowe - richlowe [at] richlowe.net ]
[             http://www.richlowe.net/            ]

___________________________________________________________________

Sheffield Linux User's Group - http://www.sheflug.co.uk . 
To unsubscribe from this list send mail to 
shef-lug-request@list.sheflug.org.uk with the word
"unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.