FreeBSD - Secure by DEFAULT ?? [hosts.allow]
Peter C. Lai
sirmoo at cowbert.2y.net
Fri Aug 8 15:49:50 PDT 2003
What are you meaning by "native"? They both exist as part of the base FreeBSD
kernel; so in that sense, both ipf and ipfw are "native" to FreeBSD. I don't
see how this argument is appropriate for choosing one over the other anyway.
On Thu, Aug 07, 2003 at 06:22:55PM -0400, Zvezdan Petkovic wrote:
> On Thu, Aug 07, 2003 at 01:59:27PM -0700, Chris Odell wrote:
> >
> > But why IPFW? IPF is *BSD native wall. I actually use both - IPF for
> > firewalling, and IPFW for throttling via dummy net. My recommended
> > reading for IPF and IPFW is "Building Linux and OpenBSD Firewalls"...
>
> Where did you get this information?
>
> Native firewall for FreeBSD is ipfw, AFAIK. It's even used on OS X as a
> native firewall, due to Darwin's FreeBSD roots.
>
> Also, OpenBSD stopped using ipf four releases ago. The native firewall
> for OpenBSD is pf. pf inherited much of the syntax from ipf, but also
> extended it and added some features.
>
> That said, I personally find ipf quite a good stateful firewall and its
> syntax can feel more natural than ipfw syntax. It also works on Solaris
> and other OS's besides *BSDs.
>
> --
> Zvezdan Petkovic <zvezdan at cs.wm.edu>
> http://www.cs.wm.edu/~zvezdan/
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
--
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/
More information about the freebsd-security
mailing list