Date: Mon, 29 Jan 2001 12:33:33 +0800 From: Erwan Arzur <erwan@netvalue.com> To: =?iso-8859-1?Q?Jo=E3o?= Fernandes <OpsyDopsy@netcabo.pt> Cc: stable@freebsd.org Subject: Re: IPF vs ipfw? Message-ID: <3A74F29D.1C68CF8F@netvalue.com> References: <01012808071600.15005@OpsyDopsy.net.dhis.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Joćo Fernandes wrote: > > Could some one please enlighten me on the subject IPFilter Versus ipfw? > What the pros and cons may be? > Or if this topic has already been way discussed, could I be given an URL to > go and read the discussions? > > Thanks in advance. > > Joao Fernandes > Information about ipfilter on its home page : http://coombs.anu.edu.au/ipfilter/ My impression on ipfilter is that it is well and very actively maintained by its author, and is a very comprehensive package ... just as an example, the latest ECE flag advisory about ipfw came out when this new flag has been handled by ipfilter for a long time. Both of them are well documented (both the FreeBSD security howto and ipf howto are a must-read), when ipfilter needs more hard work to understand every aspects of it (which is good if you plan to be serious about your security) ... I've been using it for one year now, switching from ipfw because of its dynamic rules (keep state) feature which was not available in ipfw at this time. Now, it's exteremely difficult to give some pros and cons on any such sensible package without starting a flamewar :-) More discussion about this topic can be found on the security@freebsd.org archives, on www.freebsd.org. -- Erwan Arzur NetValue ltd. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A74F29D.1C68CF8F>