Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Dec 2003 20:40:18 -0800
From:      Jonathan Lin <j.l@telus.net>
To:        fbsd_user@a1poweruser.com
Cc:        questions@FreeBSD.org
Subject:   Re: ipf / pf
Message-ID:  <3FF25332.2080804@telus.net>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGIEJAFCAA.fbsd_user@a1poweruser.com>
References:  <MIEPLLIBMLEEABPDBIEGIEJAFCAA.fbsd_user@a1poweruser.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the reply ... I did a bit more reading about it, and found 
that ipf used to be in openbsd, until some sort of license dispute.  
Then the openbsd people supposedly wrote their own pf ... so there's 
probably no relation between the two...

as for the scripting .. i'll probably have to look into that a little 
more before i do anything like that ... i'll just stick to plain old ipf 
rules for now ...

thanks again

fbsd_user wrote:

>PF has been just ported to FBSD. I don't know if ipf & pf have a
>common code background, but I do know pf & ipf have totally
>different rule processing logic though the rules do look some what
>common. When it comes to using variables on the rule set, that is
>just the normal function of shell processing. Ipfw, ipf, and pf can
>all be buried inside of an shell script and perform variable
>substitution.
>In FBSD the rc.conf statement for pointing to the directory location
>of the ipf rules can not process a script. You just point that
>rc.conf statement to an empty file just to get the system up. Then
>you have script in the startup application directory that executes
>to load the ipf rules.  Works great.
>
>-----Original Message-----
>From: owner-freebsd-questions@freebsd.org
>[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of
>j.l@telus.net
>Sent: Tuesday, December 30, 2003 7:35 PM
>To: questions@FreeBSD.org
>Subject: ipf / pf
>
>Hi,
>
>Here's a question that might seem trivial:
>
>What's the relationship between the freebsd ipf and the openbsd pf?
>Are they
>the same thing, or are they separately developed branches of a
>common
>codebase?  Or maybe they are totally different.  I ask this because
>I was
>looking around for guides for ipf.rules, and some of the openbsd pf
>examples
>look similar, but some command syntax are different.  The openbsd
>pf.conf
>example had the ability to define variables of ip addresses,
>interface names,
>etc, but it doesn't seem to work with ipf.rules.  Is there any way
>to define
>variables in ipf.rules?
>
>please cc me in your responses cause I'm not subscribed to the list
>
>thanks so much
>jonathan
>
>
>
>_______________________________________________
>freebsd-questions@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to
>"freebsd-questions-unsubscribe@freebsd.org"
>
>
>  
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FF25332.2080804>