Iptables vs. Cisco PIX
moritz.gartenmeister at access.unizh.ch
Wed Apr 13 12:33:20 CEST 2005
i'm using a pix at my border. i'm using it for NAT (as it is built for this) and for simple access
control. behind the pix i run iptables for logging, shaping, filtering etc...
i would recommend cisco, if you need support, high avaibility, but no nice features.
if you need extra features as shaping, logging, scripting etc, then i would recommend iptables. you
can do much more with iptables, but this brings up some problems (as compatibility, dependicies
etc.), but if you are not happy with one feature, you can change it ;-)
More information about the netfilter