Date: Wed, 23 May 2001 16:46:38 +0100 From: Rasputin <rara.rasputin@virgin.net> To: clemensF <rabat@web.de> Cc: questions@freebsd.org Subject: Re: ipfilter in kernel versions > 3 ? Message-ID: <20010523164638.B42937@dogma.freebsd-uk.eu.org> In-Reply-To: <20010523173940.A1704@spotteswoode.yi.org>; from rabat@web.de on Wed, May 23, 2001 at 05:39:40PM %2B0200 References: <20010523173940.A1704@spotteswoode.yi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* clemensF <rabat@web.de> [010523 16:40]: > besides ipfw(8) there is another popular firewall package: ipfilter > (ip-fil3.4.17.tar.gz) by darren reed. like ipfirewall(4), it contains > utilities for defining rule sets and administration. it's documentation > states it to be part of freebsd systems versioned 3 and up, but i found no > trace of it in my freebsd 4.0 STABLE. > ipfilter is quite portable and the source distribution contains kernel > source-patches for a dozen systems. > > [] is ipfilter just another interface to the kernels ip functions which > can be used independently without interference? how do the systems > interact? I think they're at least partly separate, since ipfilter has had stateful packet inspection for longer than ipfw. Although they no doubt hook into the TCP stack in roughly the same places. > [] after applying ipfilter's patches to the kernel sources i lost my > backups, which is unfortunate, because they were already patched with > several sets, one of which was hand-crafted and can't be restored, so > installing them from the cd-roms won't do. Uh, ipfilter has been in the base sytem for donkey's years (well, since 4.0 when I started using BSD) Darren Reed has commit access to our kernel tree, < we got the last hole in IPF fixed before OpenBSD for this reason; I know it's not relevant but I never tire of saying it :) > so patches wouldn't normally be neccessary if you track STABLE with cvsup. > [] where can i find a set of kernel sources for freebsd-current? see the Handbook. > [] where can i find good and detailed HOWTO's, FAQ's and usage > documentations? i need online-info about rules, the administration of > firewalled systems and experience reports for all sizes and scales. I don't use ipfw, but there's an excellent howto on ipf at http://www.obfuscation.org/ipf (this document was the reason I left the Penguinistas) -- Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010523164638.B42937>