Date: Thu, 27 Jul 2000 20:28:01 +1000 (Australia/NSW) From: Darren Reed <avalon@coombs.anu.edu.au> To: kellysm_2k@yahoo.com (Shawn Kelly) Cc: freebsd-security@FreeBSD.ORG Subject: Re: ipfw vs ipfilter Message-ID: <200007271028.UAA14610@cairo.anu.edu.au> In-Reply-To: <20000726140337.10891.qmail@web5103.mail.yahoo.com> from "Shawn Kelly" at Jul 26, 2000 07:03:37 AM
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Shawn Kelly, sie said: > > I'm new to FreeBSD and I have a couple of questions regarding firewalls. > > What are the major differences between ipfw and ipfilter? ipfilter is semi-platform independant, ipfw is freebsd specific. ipfilter logging is via a character device, ipfw uses kernel syslog. ... > Is one better than the other? Why? Does it depend on the situation? ipfw is marginally better for freebsd because it supports all the freebsd specific hacks - not that this buys you anything wonderful in terms of filtering. ipfilter is generally considered to be the "leading" public domain packet filtering package and I try to ensure it stays that way :-) For example, the state tracking code in IP Filter is still without an equal. If you are *serious* about your security you wouldn't use ipfw (by serious I mean not for home/small company use, where physical security is recognised, etc). > Which one is receiving more development time? heh that's a weird question to ask. I should add that if YOU feel it is important then YOU should add some worth to them by donating some of your time. someone should really do a web page that talks about the differences :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007271028.UAA14610>