From owner-freebsd-questions Tue Oct 8 5:38:55 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB81837B401 for ; Tue, 8 Oct 2002 05:38:53 -0700 (PDT) Received: from hotmail.com (f36.law9.hotmail.com [64.4.9.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8665843E65 for ; Tue, 8 Oct 2002 05:38:53 -0700 (PDT) (envelope-from ksrgyn@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 8 Oct 2002 05:38:53 -0700 Received: from 200.199.228.72 by lw9fd.law9.hotmail.msn.com with HTTP; Tue, 08 Oct 2002 12:38:52 GMT X-Originating-IP: [200.199.228.72] From: "ksrgyn -" To: veldy@veldy.net, freebsd-questions@FreeBSD.ORG Subject: Re: IPFW and IpFilter Date: Tue, 08 Oct 2002 12:38:52 +0000 Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Message-ID: X-OriginalArrivalTime: 08 Oct 2002 12:38:53.0352 (UTC) FILETIME=[A90CA280:01C26EC7] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I want configure my firewall with ipfilter and configure source routing with ipfw. And i want that the packages match first in the ipfw rules and after in the ipfilter rules. But this no work. 2002 07:16:27 -0500 > >Why would you want to do that? I can think of no reason to use both other >than some of the supplemental features of ipfw like bandwidth shaping. > >Tom Veldhouse > >----- Original Message ----- >From: "ksrgyn -" >To: >Sent: Monday, October 07, 2002 3:58 PM >Subject: IPFW and IpFilter > > > > > > Hi, > > > > I have a problem where the ipfw and ipfilter can not work together. > > I need the packages matching first in the rules of ipfw and after in >the > > rules of ipfiter. > > I configure my kernel with ipfw options before ipfilter options and i > > compile but don't work, then i try to compile my kernel with the ipfw > > options and without ipfilter options that was loaded as a module, and >don't > > work too. > > The packages must be checked first in IPFW and then they need to be > > checked in ipfilter. They are not being checked in IPFW, what's the >problem > > ? > > > > This is what i find in IPFILTER FAQ: > > > > IPF and IPFW both have features I want to use, must I choose between >them? > > No. You can run them both on a single machine. However, you must take >care > > to ensure that one package's rules do not interfere with the other's. >Note > > that the packages get access to rules in the order in which they were > > loaded, e.g. if IPFW is compiled in the kernel and IPF is loaded as a > > module, IPFW "sees" packets before IPF. > > > > > > _________________________________________________________________ > > Tenha você também um MSN Hotmail, o maior webmail do mundo: > > http://www.hotmail.com/br > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > _________________________________________________________________ Tenha você também um MSN Hotmail, o maior webmail do mundo: http://www.hotmail.com/br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message