Date: Sun, 6 Feb 2005 17:56:27 -0600 From: Jay Moore <jaymo@cromagnon.cullmail.com> To: Andy Firman <andy@firman.us> Cc: freebsd-questions@freebsd.org Subject: Re: IPF, IPFW, or IPFILTER? Message-ID: <200502061756.27924.jaymo@cromagnon.cullmail.com> In-Reply-To: <20050202180022.GA20636@akroteq.com> References: <20050202180022.GA20636@akroteq.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 02 February 2005 12:00 pm, Andy Firman wrote: > The author of the FreeBSD handboodk prefers IPF (ipfilter) because > its stateful rules are much less complicated.... > The author of "The Complete BSD" talks about IPFW (ipfirewall) > only. People on this list talk of PF (packetfilter) quite a bit. > > What is the most "commonly used" firewall for a web/email host > server with a static IP address connected directly to the Internet? > (protecting itself) > > What is the most "commonly used" firewall for a gateway/router/ > network firewall server in front of several other boxes? > (protecting others and itself) Andy, I like pf; I think it's a mature product that is well-maintained by some folks who seem to know what they're doing. It was "ported" to FreeBSD about a year ago IIRC. There is a good user's guide available at www.openbsd.org. A little history: OpenBSD used to use ipf as its firewall. Major, major friction between the ipf author and OpenBSD proj leader motivated development of pf. Following post provides some background on this: http://www.monkey.org/openbsd/archive/misc/0206/msg02365.html hth, Jay
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502061756.27924.jaymo>