Date: Fri, 8 Aug 2003 18:49:48 -0400 From: "Peter C. Lai" <sirmoo@cowbert.2y.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD - Secure by DEFAULT ?? [hosts.allow] Message-ID: <20030808224948.GC2559@cowbert.2y.net> In-Reply-To: <20030807222255.GA18430@dali.cs.wm.edu> References: <20030807191926.50590.qmail@web10108.mail.yahoo.com> <000001c35d26$cd0827b0$0304a8c0@delllaptop> <20030807222255.GA18430@dali.cs.wm.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
What are you meaning by "native"? They both exist as part of the base FreeBSD kernel; so in that sense, both ipf and ipfw are "native" to FreeBSD. I don't see how this argument is appropriate for choosing one over the other anyway. On Thu, Aug 07, 2003 at 06:22:55PM -0400, Zvezdan Petkovic wrote: > On Thu, Aug 07, 2003 at 01:59:27PM -0700, Chris Odell wrote: > > > > But why IPFW? IPF is *BSD native wall. I actually use both - IPF for > > firewalling, and IPFW for throttling via dummy net. My recommended > > reading for IPF and IPFW is "Building Linux and OpenBSD Firewalls"... > > Where did you get this information? > > Native firewall for FreeBSD is ipfw, AFAIK. It's even used on OS X as a > native firewall, due to Darwin's FreeBSD roots. > > Also, OpenBSD stopped using ipf four releases ago. The native firewall > for OpenBSD is pf. pf inherited much of the syntax from ipf, but also > extended it and added some features. > > That said, I personally find ipf quite a good stateful firewall and its > syntax can feel more natural than ipfw syntax. It also works on Solaris > and other OS's besides *BSDs. > > -- > Zvezdan Petkovic <zvezdan@cs.wm.edu> > http://www.cs.wm.edu/~zvezdan/ > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030808224948.GC2559>