Date: Mon, 17 Jun 2002 14:47:20 -0400 From: parv <parv@pair.com> To: Ceri Davies <setantae@submonkey.net> Cc: Darren Pilgrim <dmp@pantherdragon.org>, freebsd-questions@freebsd.org Subject: Re: "Login for services" ipf/ipfw rule creation? Message-ID: <20020617184720.GB4290@moo.holy.cow> In-Reply-To: <20020617100400.GB6360@submonkey.net> References: <3D0DB0DC.2A7F8E1E@pantherdragon.org> <20020617100400.GB6360@submonkey.net>
next in thread | previous in thread | raw e-mail | index | archive | help
in message <20020617100400.GB6360@submonkey.net>, wrote Ceri Davies thusly... > > On Mon, Jun 17, 2002 at 02:50:20AM -0700, Darren Pilgrim wrote: > > ... > > I know ipfw doesn't have the ability to flush the static and > > dynamic rules seperately, but that ipf does. Can I use both > > ipfw and ipf simutaneously, or is it an either/or deal? > > I'm pretty sure it's either/or. i remember from some freebsd mailing list, not incorrectly, that at least one person was using both ipfw & ipf actively w/o problems (or problems had been workaround away or resolved). personally, i can testify, based on little experience, that both ipfw & ipf can be used simultaneously. you see i had both ipfw & ipf compiled in the kernel... options IPFIREWALL #options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFILTER options IPFILTER_DEFAULT_BLOCK ...but i had rules only for ipf and not for ipfw. w/o the IPFIREWALL_DEFAULT_TO_ACCEPT option, nothing was going out ... until i realized the fact. so i enabled that option and everything is going in & out just fine. big idea is to leisurely experiment running both firewalls simultaneously, and as a side effect learn ipfw too. - parv -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020617184720.GB4290>