ipf or ipfw?
jsta6559 at artax.karlin.mff.cuni.cz
Fri Jan 9 13:34:42 PST 2004
I am deciding whether to use ipf or ipfw. I have had a brief look
at them and I like them both. I am quite a newbie in this.

Is any one of them particularly better for the following
situation? One standalone server, hosted by an ISP; only want to
protect myself (explicitly allow the services I provide); no need
for traffic shaping; want to do some traffic statistics, though.

If you would use _one_ of them rather than the other for such a
task, please tell me why (I mean, point me to the docs saying

Also, I am a bit confused by the kernel config for this: the
names of the IPFILTER* and IPFIREWALL* make me think I need
IPFILTER* to be able to run ipf, and IPFIREWALL* to run ipfw.
But the kernel functionality needed to run them is probably very
much the same, so what am I missing? Didn't find this in the
Handbook. Which of these should I enable to run ipf(w)?
Point me to the docs, please.

device   bpf                              # Berkeley packet filter
options  IPSEC                            #IP security
options  IPSEC_ESP                        #IP security (crypto; define w/ IPSEC)
options  IPSEC_DEBUG                      #debug for IP security
options  MROUTING                         # Multicast routing
options  IPFIREWALL                       #firewall
options  IPFIREWALL_FORWARD               #enable transparent proxy support
#options IPFIREWALL_DEFAULT_TO_ACCEPT     #allow everything by default
options  IPDIVERT                         #divert sockets
options  IPFILTER                         #ipfilter support
options  IPFILTER_LOG                     #ipfilter logging
options  IPFILTER_DEFAULT_BLOCK           #block all packets by default
options  IPSTEALTH                        #support for stealth forwarding