From owner-freebsd-stable  Mon Aug 21  8:49:12 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from ntua.gr (achilles.noc.ntua.gr [147.102.222.210])
	by hub.freebsd.org (Postfix) with ESMTP id A103C37B424
	for <freebsd-stable@FreeBSD.ORG>; Mon, 21 Aug 2000 08:49:03 -0700 (PDT)
Received: from netmode.ece.ntua.gr (dolly.netmode.ece.ntua.gr [147.102.13.10])
	by ntua.gr (8.9.3/8.9.3) with ESMTP id SAA29801;
	Mon, 21 Aug 2000 18:48:58 +0300 (EET DST)
Received: by netmode.ece.ntua.gr (Postfix, from userid 410)
	id 8E9FC85C3; Mon, 21 Aug 2000 18:34:49 +0300 (EET DST)
Date: Mon, 21 Aug 2000 18:34:49 +0300
From: Panagiotis Astithas <past@netmode.ntua.gr>
To: Shawn Barnhart <swb@grasslake.net>
Cc: freebsd-stable@FreeBSD.ORG
Subject: Re: ipfilter v. ipfw
Message-ID: <20000821183449.B20824@netmode.ece.ntua.gr>
Reply-To: past@netmode.ntua.gr
Mail-Followup-To: Shawn Barnhart <swb@grasslake.net>,
	freebsd-stable@FreeBSD.ORG
References: <000f01c00939$0dd7b480$b8209fc0@marlowe><Pine.BSF.4.21.0008181054250.90214-100000@harlie.bfd.com><20000818141256.A29131@pir.net> <14749.32249.842000.944007@jef-nt.mdacc.tmc.edu> <002301c00946$67bd8c10$b8209fc0@marlowe>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <002301c00946$67bd8c10$b8209fc0@marlowe>; from swb@grasslake.net on Fri, Aug 18, 2000 at 01:59:14PM -0500
X-Organizational-Unit: Network Management and Optimal Design Laboratory
X-Organization: National Technical University of Athens, GREECE
X-Work-Phone: +30-1-772-1-450
X-Work-FAX: +30-1-772-1-452
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, Aug 18, 2000 at 01:59:14PM -0500, Shawn Barnhart wrote:
> While I'm creating a potential religious debate, does ipfilter allow you
> to output your rules in a format that enables them to be read in by ipf?
> In other words, can you do ipf list > foo and then do ipf add -f foo ?
> 
> One thing that bugs me about ipfw is that I've ended up rolling my own
> script to rebuild my firewall rules at boot time from a file created by
> doing ipfw list.
> 
> (I keep thinking that there must be a smarter way to do this, but I'm
> either too lazy or blind to see it).

What I do is specify firewall_type="/etc/firewall.rules" in rc.conf, and
add the rules in there.

-past


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message