From owner-freebsd-questions@FreeBSD.ORG Sat May 3 00:25:14 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C056F1065676 for ; Sat, 3 May 2008 00:25:14 +0000 (UTC) (envelope-from v.velox@vvelox.net) Received: from vulpes.vvelox.net (vulpes.vvelox.NET [74.200.198.26]) by mx1.freebsd.org (Postfix) with ESMTP id 9A9EB8FC1F for ; Sat, 3 May 2008 00:25:14 +0000 (UTC) (envelope-from v.velox@vvelox.net) Received: from vixen42 (c-68-51-74-1.hsd1.il.comcast.net [68.51.74.1]) (Authenticated sender: v.velox) by vulpes.vvelox.net (Postfix) with ESMTP id E0D0FB839; Fri, 2 May 2008 19:09:34 -0500 (CDT) Date: Fri, 2 May 2008 19:12:23 -0500 From: "Zane C.B." To: perikillo Message-ID: <20080502191223.768925f3@vixen42> In-Reply-To: <51d7a5160804290951p43cd3bbfw91c968bf5247c6ba@mail.gmail.com> References: <05B6619C-9771-41EA-B43E-05DB40CB3258@lafn.org> <48162A6E.8050607@cran.org.uk> <51d7a5160804290951p43cd3bbfw91c968bf5247c6ba@mail.gmail.com> X-Mailer: Claws Mail 3.4.0 (GTK+ 2.12.9; i386-portbld-freebsd6.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: FreeBSD Mailing List Subject: Re: Firewalls X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 May 2008 00:25:14 -0000 On Tue, 29 Apr 2008 09:51:29 -0700 perikillo wrote: > On Mon, Apr 28, 2008 at 12:50 PM, Bruce Cran > wrote: > > > Doug Hardie wrote: > > > > > FreeBSD supports 3 firewalls: IPF, IPFW, and PF. Some time ago > > > (perhaps years) I seem to recall some discussion that one or > > > more of those was better maintained and higher quality than the > > > others. I don't see any indications of this in the handbook. > > > Several years ago I needed to do traffic shaping and used IPFW > > > with dummynet. It worked but the need eventually went away. > > > More recently I needed to incorporate spamd which defaults to > > > PF so I used that. However, now I am back to needing traffic > > > shaping again. I suspect trying to use both PF and IPFW > > > simultaneously will not be a good approach. In addition, there > > > now are instructions for using spamd with IPFW so it appears > > > that either PF or IPFW will do what I need. Is there any > > > additional information available to assist in selecting between > > > those? Thanks. > > > > > > > As I understand it pf is often found to be easiest to use and has > > lots of features like altq and os fingerprinting but is quite a > > bit slower than ipfw. > > > > -- > > Bruce > > > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscribe@freebsd.org" > > > > Reading this post, i have some doubt, how is IPFW support for VoIP > packets, can do traffic shaping?, i read that PF can do that, I'm > right? What exactly are you looking to do in this area?