From owner-freebsd-ipfw Tue Aug 29 2: 5:28 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from ipamzlx.physik.uni-mainz.de (ipamzlx.Physik.Uni-Mainz.DE [134.93.180.54]) by hub.freebsd.org (Postfix) with ESMTP id 79DC737B43E for ; Tue, 29 Aug 2000 02:05:24 -0700 (PDT) Received: from ipamzlx.Physik.Uni-Mainz.DE (ipamzlx.Physik.Uni-Mainz.DE [134.93.180.54]) by ipamzlx.physik.uni-mainz.de (8.11.0/8.9.3) with ESMTP id e7T97o823656 for ; Tue, 29 Aug 2000 11:07:50 +0200 (CEST) (envelope-from ohartman@ipamzlx.physik.uni-mainz.de) Date: Tue, 29 Aug 2000 11:07:50 +0200 (CEST) From: "O. Hartmann" To: freebsd-ipfw@freebsd.org Subject: IPFIREWALL or IPFILTER? What are the benefits of each filter? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dear Sirs. Using FreebSD 4.1-STABLE on our servers I'm confrontated with the need of security. I have the choice of two IP filtering facilities in FreeBSD's kernel, but can anybody tell me what are the benefits of each one? At this moment I try IPFIREWALL and it seems to be good, syntax is easy to understand, since the last revision we got a stateful filtering instance and so on. But what is about IPFILTER? At this stage I think choosing one or the other technique will be easy, the easyness of understanding syntax is not the problem, I think main focus should be on flexibility. If anyone out here can describe the differences and benefits of each firewall unit, please feel free to answer. Thanks a lot, Gruss O. Hartmann ------------------------------------------------------------------- ohartman@ipamzlx.physik.uni-mainz.de Klimadatenserver des IPA, Universitaet Mainz Netzwerk- und Systembetreuung To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message