From owner-freebsd-questions@FreeBSD.ORG Wed Mar 19 23:45:14 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 99125106566B for ; Wed, 19 Mar 2008 23:45:14 +0000 (UTC) (envelope-from erikt@midgard.homeip.net) Received: from ch-smtp01.sth.basefarm.net (ch-smtp01.sth.basefarm.net [80.76.149.212]) by mx1.freebsd.org (Postfix) with ESMTP id 45A148FC16 for ; Wed, 19 Mar 2008 23:45:14 +0000 (UTC) (envelope-from erikt@midgard.homeip.net) Received: from c83-253-25-183.bredband.comhem.se ([83.253.25.183]:61324 helo=falcon.midgard.homeip.net) by ch-smtp01.sth.basefarm.net with esmtp (Exim 4.68) (envelope-from ) id 1Jc7y5-0005Kp-4R for freebsd-questions@freebsd.org; Thu, 20 Mar 2008 00:45:13 +0100 Received: (qmail 94370 invoked from network); 19 Mar 2008 21:58:29 +0100 Received: from owl.midgard.homeip.net (10.1.5.7) by falcon.midgard.homeip.net with ESMTP; 19 Mar 2008 21:58:29 +0100 Received: (qmail 71755 invoked by uid 1001); 19 Mar 2008 21:58:29 +0100 Date: Wed, 19 Mar 2008 21:58:29 +0100 From: Erik Trulsson To: David Alanis Message-ID: <20080319205829.GA71718@owl.midgard.homeip.net> Mail-Followup-To: David Alanis , Christopher Cowart , freebsd-questions@freebsd.org References: <18401.29043.824662.173177@jerusalem.litteratus.org> <200803191516.59344.josh@tcbug.org> <20080319202159.GI39509@hal.rescomp.berkeley.edu> <20080319155112.fmd1lzn688w8c4s8@mail.dalan.us> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080319155112.fmd1lzn688w8c4s8@mail.dalan.us> User-Agent: Mutt/1.5.17 (2007-11-01) X-Originating-IP: 83.253.25.183 X-Scan-Result: No virus found in message 1Jc7y5-0005Kp-4R. X-Scan-Signature: ch-smtp01.sth.basefarm.net 1Jc7y5-0005Kp-4R 6869edc75c5f492ef2012c2445a0f6d9 Cc: freebsd-questions@freebsd.org, Christopher Cowart Subject: Re: confusion configuring NAT X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 23:45:14 -0000 On Wed, Mar 19, 2008 at 03:51:12PM -0500, David Alanis wrote: > Being I am a newcomer to freeBSD, on my first install google turned up a > how to for getting my box on the Internet as a firewall/DHCP/DNS server. > Since, I've been learning the packet filtering program (pf). Everytime I > read a question on ipfw I quickly get confused. > > What are the major advantages one over the other? I hope not to sound > biased but pf seems more user friendly, easier to implement, and less > verbose? Ipfw is much older than pf, so for many years the big advantage of ipfw was that it existed, while pf did not. :-) Today many people already know how to use ipfw and for them the advantage of ipfw over pf is that there is no need to learn a new system. If you are new to both ipfw and pf, there is not much reason not to use pf. -- Erik Trulsson ertr1013@student.uu.se