pf for FreeBSD

Philip Payne philip.payne at uk.mci.com
Tue Sep 28 05:47:56 PDT 2004 

IMHO its not very hard in FreeBSD 5.3 either now its in the base. The only
additional step to what you describe below is adding the kernel options &
building/installing the kernel to include them, which is only 2 commands.

However, some of the log analysis ports I've tried (fwanalog... & another
the name of which slips my mind, damn) do not work with the FreeBSD
implementation of tcpdump :-(

I suppose, with OpenBSD's complete focus on security if I was building a
dedicated firewall I would very probably select OpenBSD. Depends what other
things Cristi is using FreeBSD for. 

Phil.

> -----Original Message-----
> From: shane mullins [mailto:tsmullins at optidynamic.com]
> Sent: 28 September 2004 13:34
> To: Cristi Tauber
> Cc: freebsd-questions at freebsd.org
> Subject: Re: pf for FreeBSD
> 
> 
>     Why not just run OpenBSD if you want to use pf?  I use 
> both Free and 
> OpenBSD.  But, pf is much easier to set up on OpenBSD.  Just install 
> OpenBSD, enable routing, enable pf in rc.conf and you are done.
> 
> Shane
> 
> 
> 
> 
> ----- Original Message ----- 
> From: "Cristi Tauber" <cristi.tauber at sbhost.ro>
> To: "FreeBSD Question" <freebsd-questions at freebsd.org>
> Sent: Tuesday, September 28, 2004 12:54 AM
> Subject: pf for FreeBSD
> 
> 
> >            hello folks,
> >    i want to install the packet filter for FreeBSD so i 
> recompile the
> > kernel with the options :
> >
> > device          bpf
> > options         PFIL_HOOKS
> > options         RANDOM_IP_ID
> >
> >     and installed pf from ports ( i did a cvsup before installing to
> > get the latest ports). Now my dilemma is ... in pf start 
> script ... i
> > have to enter a prefix ... but what prefix, 'cause after 
> installing and
> > rebooting .... the modules that I want to load are still in source
> > directory . I installed pf with
> >
> >   make  WITH_ALTQ=yes
> >   make install
> >
> >          after a deinstall I can't install it anymore, the install
> > crashes with the error that is allready installed !!
> >
> >               What can I do ??/
> >
> >                Cristi
> >
> >
> >
> >
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to 
> > "freebsd-questions-unsubscribe at freebsd.org" 
> 
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe at freebsd.org"
>

More information about the freebsd-questions mailing list