Re: firewall on freebsd
From: Michael H. Semcheski (lists_at_immuneit.com)
Date: 06/24/05
- Previous message: Kris Kennaway: "Re: Help with 'make' failure while building custom kernel"
- In reply to: Ean Kingston: "Re: firewall on freebsd"
- Next in thread: Giorgos Keramidas: "Re: firewall on freebsd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: freebsd-questions@freebsd.org Date: Fri, 24 Jun 2005 11:11:13 -0400
On Friday 24 June 2005 10:59 am, Ean Kingston wrote:
> IPF was written for OpenBSD and later ported to FreeBSD. IPF came into
> existence because of disagreements between certain members of the OpenBSD
> team and the author of IPFilter. Filtering is done in the kernel and I
> believe NAT is also in-kernel.
The OpenBSD packet filter is known as pf, not ipf. It exists in FreeBSD as
pf.
I have to say that I find it has some very useful features, though they are
outside the mainstream firewall feature set. For instance, authpf. When you
log into the firewall (usually via ssh), if the account's login type shell is
authpf, a special set of firewall rules get loaded for the IP address the
client is connecting from.
I have used pf and ipfw, and they're both fine. If I had to pick, I'd choose
pf because I like that it uses a seperate configuration file, rather than a
shell script to load its rules.
I'm not an expert on either.
Mike
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Kris Kennaway: "Re: Help with 'make' failure while building custom kernel"
- In reply to: Ean Kingston: "Re: firewall on freebsd"
- Next in thread: Giorgos Keramidas: "Re: firewall on freebsd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
