Jay Moore jaymo at cromagnon.cullmail.com
Sun Feb 6 15:58:01 PST 2005

On Wednesday 02 February 2005 12:00 pm, Andy Firman wrote:
> The author of the FreeBSD handboodk prefers IPF (ipfilter) because
> its stateful rules are much less complicated....
> The author of "The Complete BSD" talks about IPFW (ipfirewall)
> only.  People on this list talk of PF (packetfilter) quite a bit.
> What is the most "commonly used" firewall for a web/email host
> server with a static IP address connected directly to the Internet?
> (protecting itself)
> What is the most "commonly used" firewall for a gateway/router/
> network firewall server in front of several other boxes?
> (protecting others and itself)


I like pf; I think it's a mature product that is well-maintained by some folks 
who seem to know what they're doing. It was "ported" to FreeBSD about a year 
ago IIRC. There is a good user's guide available at www.openbsd.org.

A little history: OpenBSD used to use ipf as its firewall. Major, major 
friction between the ipf author and OpenBSD proj leader motivated development 
of pf. Following post provides some background on this:



More information about the freebsd-questions mailing list