Mayuresh <mayuresh%acm.org@localhost> writes: > Exactly one of the following firewall options is required: > sshguard-aix Select AIX firewall backend for SSHGuard. > sshguard-hosts Select host firewall backend for SSHGuard. > sshguard-ipfilter Select IPFilter firewall backend for SSHGuard. > sshguard-ipfw Select ipfw firewall backend for SSHGuard. > sshguard-iptables Select iptables firewall backend for SSHGuard. > sshguard-null Select null firewall backend for SSHGuard. > sshguard-pf Select PF firewall backend for SSHGuard. > > These options are enabled by default: > sshguard-ipfilter > > Seems pkgsrc has made ipfilter a default choice. Don't overinterpret. That should be read as "the person who set the default option for sshguard chose ipfilter, at some point in time". Until fairly recently, ipfilter was the standard approach on NetBSD. Now it's the old/stable approach, and npf is the modern approach. > Is this a preferred choice on NetBSD? Any specific guidance on pros and > cons of various choices for NetBSD? ipfilter is a reasonable choice. I would recommend npf for new firewalls. It would be nice for sshguard to: have an npf backend (upstream) only have optoins for firewalls that make sense per OS (pkg)
Attachment:
signature.asc
Description: PGP signature