[FreeBSD 11 Wishlist] Replacing an OpenBSD Firewall
Lowell Gilbert
freebsd-lists at be-well.ilk.org
Fri Jan 2 18:17:21 UTC 2015
Adrian Chadd <adrian at freebsd.org> writes:
> On 2 January 2015 at 07:41, Mark Felder <feld at freebsd.org> wrote:
>> I've been encouraged to use ipfw and dummynet, but converting my
>> firewall rules again is not something I'm enthusiastic about. I'll note
>> that FreeBSD is often praised for including pf while ipfw is completely
>> overlooked; our own Handbook even puts pf before ipfw. That certainly
>> sends a message that we may not be intending to send and should be
>> considered carefully.
>
> Well, I bet the handbook updates were written by a pf-loving person. :)
I just took a quick look at that Handbook chapter (for the first time in
quite a few years), and I didn't notice anything I'd consider a
problem. All three firewalls are mentioned and (*very* lightly) compared
in the Synopsis that begins the chapter. pf does come before ipfw, but
*something* has to come first; it's not like anyone would go for a
suggestion like periodically re-ordering the sections...
More information about the freebsd-hackers
mailing list