Re: FreeBSD has Two Firewalls?
"Loren M. Lang" <[EMAIL PROTECTED]> writes: > It looks like ipfilter is a newer and more improved over ipfw They're independent implementations. > It looks like ipfilter is a newer and more improved over ipfw, but I'm > not sure. I'm looking for a good firewall with similar functionality to > linux's netfilter. Which, as I understand it, is a descendent of ipchains. ipchains is a descendent of an older version of ipfw. > linux's netfilter. Previously I was doing some somewhat sophisticated > things like disabling or limiting internet access for certain indivuals > depending on the time of day, as well as using connection helpers for > ftp, irc, etc. What's the best firewall to use for this? There's a lot of Linux-specific terminology in there, so I can't really unwind it very well. I don't know of any support for time-of-day modifications, but I'd expect that somebody out there has written it. Depending on the exact requirements, it may even be trivial. "Connection helpers" sounds like automatic proxy support, which I'm not crazy about but which I know ipfilter does somewhat more extensively than ipfw. The big advantage of ipfw is that dummynet(4) hooks in through it. Dummynet is a traffic shaper, as well as a framework that sort of resembles (as far as I understand) netfilter. Also note that it's perfectly possible and often quite convenient to use more than one firewall program... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD has Two Firewalls?
On Wed, Feb 11, 2004 at 08:43:26AM -0500, Lowell Gilbert wrote: > "Loren M. Lang" <[EMAIL PROTECTED]> writes: > > > I'm trying to learn how to configure my firewall on FreeBSD and there > > seems to be quite a few commands related to it. It looks like, though, > > that FreeBSD has two different implentations of firewalls. One uses > > ipfw to configure it and has natd for nat, the other uses ipf and has > > ipmon, ipnat, ipfs for controlling it. Is this true? > > Pretty much. > > There are some more firewall implementations in the ports, as well. It looks like ipfilter is a newer and more improved over ipfw, but I'm not sure. I'm looking for a good firewall with similar functionality to linux's netfilter. Previously I was doing some somewhat sophisticated things like disabling or limiting internet access for certain indivuals depending on the time of day, as well as using connection helpers for ftp, irc, etc. What's the best firewall to use for this? > > > Where are some good references for learning the packet filter on > > FreeBSD? > > The FreeBSD Handbook and the manual are usually plenty. -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C pgp0.pgp Description: PGP signature
Re: FreeBSD has Two Firewalls?
"Loren M. Lang" <[EMAIL PROTECTED]> writes: > I'm trying to learn how to configure my firewall on FreeBSD and there > seems to be quite a few commands related to it. It looks like, though, > that FreeBSD has two different implentations of firewalls. One uses > ipfw to configure it and has natd for nat, the other uses ipf and has > ipmon, ipnat, ipfs for controlling it. Is this true? Pretty much. There are some more firewall implementations in the ports, as well. > Where are some good references for learning the packet filter on > FreeBSD? The FreeBSD Handbook and the manual are usually plenty. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD has Two Firewalls?
I'm trying to learn how to configure my firewall on FreeBSD and there seems to be quite a few commands related to it. It looks like, though, that FreeBSD has two different implentations of firewalls. One uses ipfw to configure it and has natd for nat, the other uses ipf and has ipmon, ipnat, ipfs for controlling it. Is this true? Where are some good references for learning the packet filter on FreeBSD? -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C pgp0.pgp Description: PGP signature