Date: Fri, 7 Jul 2000 12:49:41 -0500 From: "Jonathan Fosburgh" <fosburgh@flash.net> To: <Peter.McGarvey@telinco.net>, "FREEBSD-Questions" <freebsd-questions@FreeBSD.ORG> Subject: Re: IPFIREWALL or IPFILTER? Message-ID: <011a01bfe83b$bf47c710$ca406f8f@mdacc.tmc.edu> References: <3966015C.FCDCD1F5@telinco.net>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Peter McGarvey" <Peter.McGarvey@telinco.net> To: "FREEBSD-Questions" <freebsd-questions@FreeBSD.ORG> Sent: Friday, July 07, 2000 11:12 AM Subject: Q: IPFIREWALL or IPFILTER? > In building a new kernel, I can add support for IPFIREWALL and IPFILTER. > > What I'd like to know is what's the difference? > > And which is better? > > And is both a bad idea? > > The only firewalls I've ever dealt with are of the packet filtering sort > built into routers. But now I'm playing with a FreeBSD box with 3 NICs > so it seems like a good time to learn a bit more about firewalls. > Discovering that FreeBSD supports two I went looking for some sort of > comparison between the two. But couldn't find anything. Hence, the > above questions. > In my own experience, ipfilter is easier to use. Its configuration file syntax is easier for me to understand, and this has allowed me to create a working firewall for my home LAN (running on dialup with dynamic IPs) with no overhead. I can get outside of it (something I couldn't accomplish with ipfirewall) and I can selectively block certain ports from the outside. So faw, I have encountered no problems. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?011a01bfe83b$bf47c710$ca406f8f>