Date: Sat, 15 May 1999 10:44:21 +1200 From: "Dan Langille" <junkmale@xtra.co.nz> To: Wham Bang <wham_bang@yahoo.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IP Filter vrs ipfw+natd Message-ID: <19990514224632.NUQ7623210.mta2-rme@wocker> In-Reply-To: <19990514211423.25890.rocketmail@web106.yahoomail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<color><param>0100,0100,0100</param><FontFamily><param>Courier New</param>On 14 May 99, at 14:14, Wham Bang wrote: <italic><color><param>0000,0000,FF00</param>> So I'm a little confused. I think I'd rather use IP Filter, but > I can't even find clear instructions on building a 3.1 kernel > with it enabled... </italic></color>The FreeBSD Diary doesn't have an article dealing soley with 3.* and ipfilter. Not that it is of any help to you now, but one is planned for the near future as I'm about to put together another box. But for the meantime, I've looked at my notes at http://www.freebsddiary.org/freebsd/upgrade31.htm under the heading "2 March 6:42 am" (or just search for ipfilter). And the following is not guaranteed to work, but it's my gut feeling: You don't need any special kernel options. The ipfilter install process will take care of that for you. Then skip down to "3 March 5:17 pm" where I compile ipfilter: [/usr/src/sys/i386/conf] # config IPFILTER3 // this is my kernel [/usr/src/sys/i386/conf] # cd /usr/ports/net/ipfilter [/usr/ports/net/ipfilter] # make freebsd30 [/usr/ports/net/ipfilter] # make install-bsd [/usr/ports/net/ipfilter] # FreeBSD-2.2/kinstall <FontFamily><param>Arial</param>> Does anyone have any advice to offer on <italic><color><param>0000,0000,FF00</param><FontFamily><param>Courier New</param>> IP Filter versus ipfw and natd? </italic></color><FontFamily><param>Arial</param>I like IP Filter because it seems to be more robust and feature rich. In my opinion, it's far more than the average user needs at home. But I'm using it anyway. I think it's more suited to sites with high traffic volumes and comple rule sets. But I'm using it anyway.<italic><color><param>0000,0000,FF00</param><FontFamily><param>Courier New</param> </italic></color><FontFamily><param>Arial</param>> Is there some reason that <italic><color><param>0000,0000,FF00</param><FontFamily><param>Courier New</param>> there's so much documentation on ipfw and natd compared to > the IP Filter stuff? </italic></color><FontFamily><param>Arial</param>I've heard someone say the IPFilter author doesn't do much documentation. As for writing something, is that you I hear volunteering? Sounds like a good way to get started with a FreeBSD project. <<grin> -- Dan Langille - DVL Software Limited The FreeBSD Diary - http://www.FreeBSDDiary.org/freebsd/ NZ FreeBSD User Group - http://www.nzfug.nz.freebsd.org/ The Racing System - http://www.racingsystem.com/racingsystem.htm To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990514224632.NUQ7623210.mta2-rme>