RE: ipf / pf

• Previous message: Ron Sweeney: "mount within a mount results in system crash"
• In reply to: j.l_at_telus.net: "ipf / pf"
• Next in thread: Jonathan Lin: "Re: ipf / pf"
• Reply: Jonathan Lin: "Re: ipf / pf"
• Reply: Will Prater: "Re: ipf / pf availability in 4.9"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: <j.l@telus.net>, <questions@FreeBSD.org>
Date: Tue, 30 Dec 2003 22:26:26 -0500

PF has been just ported to FBSD. I don't know if ipf & pf have a
common code background, but I do know pf & ipf have totally
different rule processing logic though the rules do look some what
common. When it comes to using variables on the rule set, that is
just the normal function of shell processing. Ipfw, ipf, and pf can
all be buried inside of an shell script and perform variable
substitution.
In FBSD the rc.conf statement for pointing to the directory location
of the ipf rules can not process a script. You just point that
rc.conf statement to an empty file just to get the system up. Then
you have script in the startup application directory that executes
to load the ipf rules. Works great.

-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of
j.l@telus.net
Sent: Tuesday, December 30, 2003 7:35 PM
To: questions@FreeBSD.org
Subject: ipf / pf

Hi,

Here's a question that might seem trivial:

What's the relationship between the freebsd ipf and the openbsd pf?
Are they
the same thing, or are they separately developed branches of a
common
codebase? Or maybe they are totally different. I ask this because
I was
looking around for guides for ipf.rules, and some of the openbsd pf
examples
look similar, but some command syntax are different. The openbsd
pf.conf
example had the ability to define variables of ip addresses,
interface names,
etc, but it doesn't seem to work with ipf.rules. Is there any way
to define
variables in ipf.rules?

please cc me in your responses cause I'm not subscribed to the list

thanks so much
jonathan

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

• Previous message: Ron Sweeney: "mount within a mount results in system crash"
• In reply to: j.l_at_telus.net: "ipf / pf"
• Next in thread: Jonathan Lin: "Re: ipf / pf"
• Reply: Jonathan Lin: "Re: ipf / pf"
• Reply: Will Prater: "Re: ipf / pf availability in 4.9"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: ipf / pf availability in 4.9 ... Anyone know if there is a way to get PF to port to FreeBSD 4.9? ... > common code background, but I do know pf & ipf have totally ... Ipfw, ipf, and pf can ... > To unsubscribe, send any mail to ... (freebsd-questions) Re: Looking into a new firewall ... > openbsd went out of there way to make ipf a pain to get working. ... > kernel has to be completly reworked for the hooks to work. ... > moved over to netbsd with the ipf. ... (comp.security.firewalls) Re: More applicable NG? ... I want to thank everyone in this newsgroup for the advice & ... Install a clean minimal boot version of FBSD ... configure IPF for "IP-less" operation. ... Configure both NIC's for DHCP. ... (comp.unix.bsd.freebsd.misc) Re: firewall on freebsd ... > IPF was written for OpenBSD and later ported to FreeBSD. ... > existence because of disagreements between certain members of the OpenBSD ... outside the mainstream firewall feature set. ... (freebsd-questions) RE: ipf / pf availability in 4.9 ... OpenBSD pf as a kldmodule ... ipf / pf availability in 4.9 ... Anyone know if there is a way to get PF to port to FreeBSD 4.9? ... > To unsubscribe, send any mail to ... (freebsd-questions)