Difference between ipf/ipfw and ipnat/natd
Han Hwei Woo
hhwoo at argosy.ca
Fri Jun 27 07:04:31 PDT 2003
----- Original Message -----
From: "Andreas Dahlén" <andreas.dahlen at nbit.sigma.se>
To: <freebsd-questions at freebsd.org>
Sent: Thursday, June 26, 2003 6:03 AM
Subject: Difference between ipf/ipfw and ipnat/natd
> Hello!
>
> I'm going to install FreeBSD 4.8 as a firewall/gateway for my homenetwork.
>
> I've seen that there are two implementations of firewalls in FreeBSD;
> ipf and ipfw and fot NAT ipnat/natd.
>
> As I understand ipf and ipnat works together and ipfw and natd. Is that
> correct?
Yes, that is correct.
>
> Which one of them should I use?
> Is there some major differences between them?
ipfw is a part of FreeBSD, whereas ipfilter is written by Darren Reed and
runs not only on FreeBSD, but also on OpenBSD, NetBSD, Solaris (and perhaps
others?) if I recall correctly. If you plan to take advantage of the builtin
rc scripts to run a predefined set of firewall rules, you'll probably want
to stick with ipfw/natd.
Also, just fyi ipfw is fairly conventional: the first firewall rule that
matches will apply whereas with ipfilter, the last matching rule will apply
unless you specify "quick".
>
> /Andreas
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list