John Levine wrote:
I'm putting together a freebsd router to sit between my LAN and a T1.
The current router (still running BSD/OS) uses BSDI's ipfw, but that
died when BSDI did.  It's about as simple a routing job as one could
ask, a T1 with a static address to a LAN with a static /24.

I have a whole bunch of packet filtering rules on the current router
to keep out nasty stuff based partly on port numbers but also a couple
of hundred IP ranges from the SBL and elsewhere.  I have enough IP
addresses that I do not need to NAT.

What are the relative merits of freebsd's ipf and ipfw?  It looks like
either can do the filtering I need to do.  Any reason to choose one
over the other?

Take a look at PF. It was developed by OpenBSD and ported to FreeBSD.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to