On Fri, 2 May 2008, Zane C.B. wrote:
On Mon, 28 Apr 2008 20:50:06 +0100
Bruce Cran <[EMAIL PROTECTED]> wrote:
Doug Hardie wrote:
FreeBSD supports 3 firewalls: IPF, IPFW, and PF. Some time ago
(perhaps years) I seem to recall some discussion that one or more
of those was better maintained and higher quality than the
others. I don't see any indications of this in the handbook.
Several years ago I needed to do traffic shaping and used IPFW
with dummynet. It worked but the need eventually went away.
More recently I needed to incorporate spamd which defaults to PF
so I used that. However, now I am back to needing traffic
shaping again. I suspect trying to use both PF and IPFW
simultaneously will not be a good approach. In addition, there
now are instructions for using spamd with IPFW so it appears that
either PF or IPFW will do what I need. Is there any additional
information available to assist in selecting between those?
Thanks.
As I understand it pf is often found to be easiest to use and has
lots of features like altq and os fingerprinting but is quite a bit
slower than ipfw.
There is one thing that IPFW has that PF does not that I have found
to be very handy at times. It can be used to setup firewall rules
that only affect a specific group or user.
PF can do this too.
There were threading/locking/crashing issues when last I tried to use
that feature of PF back in FreeBSD 5.x, but that was a very long time
ago.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"