December 18, 2006

organizing packets!

All I wanted was binat on a couple of IPs. I had Linux,
and I thought, foolishly, this can't be that hard; in pf on
BSD it's all of one line. Why oh why do people want to
sort out packets into named lists, then process them? Can
we not use subnets and addresses like normal people and let
the packet filtering engine figure things out? And why is
there still not a real configuration file?

(Oh, but we have chains! And we named them to sort things!)

