[plug] Firewall Distros

Mon Sep 19 19:58:01 WST 2005

On Mon, 2005-09-19 at 19:42 +0800, Mark B wrote:
> if it aint broken don't fix it

I tend to agree. 2.6.x's netfilter doesn't add that much over 2.4's for
most people. It has a bunch of new iptables modules and some internal
improvements, but I haven't seen anything earth-shattering for the more
common uses.

My firewall is 2.6, but that's because it's a Sarge box. If you're
looking for a pre-built firewall, I'd suggest taking whatever appears to
be the best choice for your needs, without worrying overly about the
versions of the innards. So long as it's kept up to date, of course.

--
Craig Ringer