From owner-freebsd-questions Tue Apr 27 23:39:48 1999 Delivered-To: freebsd-questions@freebsd.org Received: from askas.co.za (unknown [196.7.216.242]) by hub.freebsd.org (Postfix) with ESMTP id 4D3E615351 for ; Tue, 27 Apr 1999 23:39:35 -0700 (PDT) (envelope-from rudi@askas.co.za) Received: from askas.co.za(mirror[196.7.216.244]) (1480 bytes) by askas.co.za via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Wed, 28 Apr 1999 09:03:26 +0200 (SAST) (Smail-3.2.0.101 1997-Dec-17 #1 built 1998-Mar-22) Message-ID: <3726ACE1.22E9984B@askas.co.za> Date: Wed, 28 Apr 1999 08:38:25 +0200 From: Rudi Opperman X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.8-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Anggara Nugroho Cc: "'freebsd-questions@freebsd.org'" Subject: Re: Firewall References: <01BE8FE0.8B62B220@NN> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Anggara Nugroho wrote: > > what I must do if I want build a firewall with FreeBSD ? > because I'm very blind about FreeBSD and still learn of it > thank from the other responses i have read people have started you on the correct track - i have just one thing to add - ppp filters, ipfw and ipfilter are all, as far as i know, context based firewalls - ie they examine an ip packet under a set of rules and decide wether to let is pass or do something else (reject/redirect/log etc). However they never look at the contents / payload of the packet - only the context in which it exists. The other side of the coin is content processing - this is where the payload of the ip packet is examined - IMO a combination of content and context processing is best as these two techniques cmplement each other. bye rudi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message