Date: Wed, 7 Dec 2016 17:23:26 -0700 (MST) From: Warren Block <wblock@wonkity.com> To: Polytropon <freebsd@edvax.de> Cc: byrnejb@harte-lyne.ca, freebsd-questions@freebsd.org Subject: Re: FreeBSD Firewalls Message-ID: <alpine.BSF.2.20.1612071721550.5616@wonkity.com> In-Reply-To: <20161207231046.504c2a61.freebsd@edvax.de> References: <5bed7716cd0c9f56e7fe73e86d0cde45.squirrel@webmail.harte-lyne.ca> <alpine.BSF.2.20.1612071450340.5616@wonkity.com> <20161207231046.504c2a61.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 7 Dec 2016, Polytropon wrote: > On Wed, 7 Dec 2016 14:55:34 -0700 (MST), Warren Block wrote: >> On Wed, 7 Dec 2016, James B. Byrne via freebsd-questions wrote: >> >>> Well, the setup and loading of Postgresql9.6 seems to have completed >>> successfully. Now, before this can go live I need to set up the >>> firewall. I am used to IPTables on CentOS but have no experience with >>> IPFilter or PF. >>> >>> First, which firewall, of the three I read are available (IPFW, >>> IPFilter and PF is the recommended choice? >> >> Either PF or IPFW, depending on who you ask. > > Or depending on _how_ you ask: For simple and "static" concepts, > IPFW is the typical suggestion, while more advanced and extended > firewalls setups lead to PF as a recommendation. But of course > it's not that one of the firewalls cannot be used for the other > "contradicting" purpose... :-) For me, it was that PF was easier to configure, certainly for simple things. I'm told IPFW has improved since then, and NAT is now better.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.20.1612071721550.5616>