Date: Wed, 14 Aug 1996 04:49:30 -0700 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: hackers@freebsd.org Subject: ipfw vs ipfilter? Message-ID: <14393.840023370@time.cdrom.com>
next in thread | raw e-mail | index | archive | help
I've been trying to implement a firewall for the past couple of days, and over the course of same have come to realize a few interesting things I didn't know (at least from direct experience) before: 1. ipfw is klunky. klunky interface, klunky syntax, klunky code. 2. ipfw has changed so much, and with so little regard for backwards-compatible command syntax, that many of the docs floating around for it do not even apply. 3. I've tried to implement a firewall with it using the available directions and so far I've sucessfully implemented the wall portion, it's just getting legitimate traffic through it that's not working. :-) This thing's ease-of-use factor could stand some real improvement. 4. Darren Reed's ipfilter software is well documented, supported, and runs on everything from Solaris to Linux to *BSD. It also has some interesting looking tools which have been written for it. 5. ipfilter's license is very relaxed. There's no reason we couldn't bundle it. 6. If I get this firewall up and running easily with ipfilter (and the Jury's still out on that), you can expect to hear me chanting "down with ipfw! up with ipfilter!" in the near future. :-) Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14393.840023370>