IPFilter TO PF
Max Laier
max at love2party.net
Thu Feb 10 16:30:11 PST 2005
On Wednesday 09 February 2005 06:44, Odhiambo Washington wrote:
> Hello users,
>
> I am a newbie to PF, but I have been using IPFilter for some
> time. Please bear with my first silly question.
>
> For reasons that I would like to enter the era of bandwidth control,
> and this is not available in IPFilter. I have a few boxes running
> almost with similar rules and was wondering if there could be a tool
> to convert ipf/ipnat rules into PF format/syntax or I just have to
> sit down and start the conversion manually.
>
> Thanks for any insights.
I am not aware of a tool like this. I also encourage to do manual conversion
or (better even) start from scratch. The OpenBSD PF-FAQ is a good tutorial
to start from. It makes a better ruleset if you write it with the PF
"philosophy" in mind. I understand however, that it might be interesting to
take over long lists of individual block/pass rules. This type of rule,
however, is a prime example of how PF differs from the 3.x IPFilter since PF
comes with tables you might want to rewrite your rules there. It is hard to
do such things in an automated tool.
Please let us know if you find something helpful on the net - I didn't yet.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20050211/806a8a5b/attachment.bin
More information about the freebsd-pf
mailing list