Date: Sun, 29 Oct 2000 21:00:21 -0500 From: Chris Browning <brownicm@prokyon.com> To: Jaroshenko Serge <jaroshenko@mail.ru> Cc: James Wilde <james.wilde@telia.com>, FreeBSD-questions@FreeBSD.ORG Subject: Re: IPFW vs IP-Filter Message-ID: <39FCD635.9BA3A1B7@prokyon.com> References: <Pine.BSF.4.21.0010251652450.27693-100000@freebsd.merlin.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Jaroshenko Serge wrote: > > On Wed, 25 Oct 2000, James Wilde wrote: > > > I've checked the handbook and other sources on IPFW and IP-Filter and I > > would appreciate some comments on the two. > > > > I assume that one uses either/or and not both. IPFW is compiled into the > > kernel but IP-Filter runs as an application. > > ipfilter is compiled into kernel - see LINT : > > options IPFIREWALL #firewall > options IPFIREWALL_VERBOSE #print information about > # dropped packets > options IPFIREWALL_FORWARD #enable transparent proxy support > options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT #divert sockets > options IPFILTER #ipfilter support > options IPFILTER_LOG #ipfilter logging > options IPSTEALTH #support for stealth forwarding > I picked up an extra low-end box and was just about to begin playing with ipf. I've been using ipfw for about 9 months and have been happy, but, you know... If I'm not mistaken, I interpret this post as saying that I need the ipfw kernel options to run ipf. I had assumed that only the ipf options were necessary. What's up here? I'm glad I ran across this. -- ------------------------ Chris Browning brownicm@prokyon.com ------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39FCD635.9BA3A1B7>