Date: Sat, 11 Dec 2004 19:26:59 +0200 From: McLone the Great <mclone@gmail.com> To: freebsd-pf@freebsd.org Subject: Re: ipfw vs ipfilter Message-ID: <451cb3010412110926238827de@mail.gmail.com> In-Reply-To: <451cb3010412110737382bf5d9@mail.gmail.com> References: <6.2.0.7.1.20041211171714.02128e78@pop.phreaker.net> <451cb3010412110737382bf5d9@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 11 Dec 2004 17:22:38 +0300, Castl Troy <mastah@phreaker.net> wrote: > Can anybody help me with understanding the difference between > ipfilter(ipf) and ipfirewall (ipfw). the main differences is [imho] - ipf is last-match, ipfw is first-match filters - ipf runs on many unices, ipfw is FreeBSD project by last match i mean packet goes thru _all_ rules, and not exits processing chain after first successfull rule match like in ipchains/iptables > Any link to docs or info will greatly help me. obfuscation.org/ipf/ > I use FreeBSD for almost 5 years, but i used only ipfw for packet > routing and never use ipfilter for this. routing is done by kernel, not filter btw. > I wonder is it "internal" packet routing mechanism or maybe it is > just for compatibility with OpenBSD? as of 3.0 OpenBSD switched from ipf to PF (which i use on FreeBSD). Read openbsd.org/faq/pf/ - it's powerfull! -- wbr, |\ _,,,---,,_ dog bless ya! ` Zzz /,`.-'`' -. ;-;;,_ McLone at GMail dot com |,4- ) )-,_. ,\ ( `'-' net- and *BSD admin '---''(_/--' `-'\_) ...sorry for translit
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?451cb3010412110926238827de>