Date: Tue, 15 Mar 2005 20:39:16 +0100 (CET) From: Andreas Davour <ante@Update.UU.SE> To: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> Cc: freebsd-questions@freebsd.org Subject: Re: IPFW or pf? Message-ID: <Pine.LNX.4.62.0503152036030.9592@Psilocybe.Update.UU.SE> In-Reply-To: <448y4p7znq.fsf@be-well.ilk.org> References: <42326F4D.70008@daleco.biz> <200503120435.j2C4ZDr89213@fat_man.ascendency.net> <20050313112025.GI18080@alzatex.com> <20050314153532.GA825@Alex.lan> <448y4p7znq.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 15 Mar 2005, Lowell Gilbert wrote: > Andreas Davour <ante@Update.UU.SE> writes: > >> I have read the handbook about firewalls, and compiled my kernel >> without switching on any explicit support for pf. >> >> Now, when I ran the mergemaster it suddenly found a lot of references >> to pf in my startup scripts. > > The startup scripts support pf, but do not require it. Ok, That's a relief. I didn't do anything stupid. >> Is pf some kind of mandatory part of the base system these days? I >> thought it was some kind of alternative to IPFW, but now I'm no longer >> so sure. > > It is a part of the base system. It is always present just like ipfw, > but its use is not required. So, the base systems ships with two firewalls? Why? Reading about firewalls in the handbook, I realized I didn't know much about them. I'd say that adding some more text to the handbook about those two and how they [don't] interact might be a good idea. I don't know enough to do it. >> Can someone tell me if it's ok to just use IPFW on my STABLE system, >> or is there some other knobs in the kernelconfig I should toggle to >> turn off pf support? > > You are fine the way you are. I recommend letting mergemaster update > the default pf startup files, so that it won't ask about them next > time, but it doesn't really matter if you're not using pf. Will do. Thanks for the help! /Andreas -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.62.0503152036030.9592>