Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 7 Aug 2003 18:22:55 -0400
From:      Zvezdan Petkovic <zvezdan@CS.WM.EDU>
To:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD - Secure by DEFAULT ?? [hosts.allow]
Message-ID:  <20030807222255.GA18430@dali.cs.wm.edu>
In-Reply-To: <000001c35d26$cd0827b0$0304a8c0@delllaptop>
References:  <20030807191926.50590.qmail@web10108.mail.yahoo.com> <000001c35d26$cd0827b0$0304a8c0@delllaptop>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Thu, Aug 07, 2003 at 01:59:27PM -0700, Chris Odell wrote:
> 
> But why IPFW? IPF is *BSD native wall. I actually use both - IPF for
> firewalling, and IPFW for throttling via dummy net. My recommended
> reading for IPF and IPFW is "Building Linux and OpenBSD Firewalls"...

Where did you get this information?

Native firewall for FreeBSD is ipfw, AFAIK.  It's even used on OS X as a
native firewall, due to Darwin's FreeBSD roots.

Also, OpenBSD stopped using ipf four releases ago.  The native firewall
for OpenBSD is pf.  pf inherited much of the syntax from ipf, but also
extended it and added some features.

That said, I personally find ipf quite a good stateful firewall and its
syntax can feel more natural than ipfw syntax.  It also works on Solaris
and other OS's besides *BSDs.

-- 
Zvezdan Petkovic <zvezdan@cs.wm.edu>
http://www.cs.wm.edu/~zvezdan/



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20030807222255.GA18430>