From owner-freebsd-questions@FreeBSD.ORG Fri Jun 27 07:04:31 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B95BA37B401 for ; Fri, 27 Jun 2003 07:04:30 -0700 (PDT) Received: from argosy.ca (www.argosy.ca [138.73.18.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id F03C343FFB for ; Fri, 27 Jun 2003 07:04:29 -0700 (PDT) (envelope-from hhwoo@argosy.ca) Received: from a7n8x (mctn1-2698.nb.aliant.net [156.34.186.138]) by argosy.ca (8.12.9/8.12.9) with SMTP id h5RE4Ot2031436; Fri, 27 Jun 2003 11:05:31 -0300 (ADT) (envelope-from hhwoo@argosy.ca) Message-ID: <00dd01c33cb5$1393db30$0200a8c0@a7n8x> From: "Han Hwei Woo" To: =?iso-8859-1?Q?Andreas_Dahl=E9n?= , References: <3EFAB6F6.9080306@nbit.sigma.se> Date: Fri, 27 Jun 2003 11:03:43 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Difference between ipf/ipfw and ipnat/natd X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2003 14:04:31 -0000 ----- Original Message ----- From: "Andreas Dahlén" To: Sent: Thursday, June 26, 2003 6:03 AM Subject: Difference between ipf/ipfw and ipnat/natd > Hello! > > I'm going to install FreeBSD 4.8 as a firewall/gateway for my homenetwork. > > I've seen that there are two implementations of firewalls in FreeBSD; > ipf and ipfw and fot NAT ipnat/natd. > > As I understand ipf and ipnat works together and ipfw and natd. Is that > correct? Yes, that is correct. > > Which one of them should I use? > Is there some major differences between them? ipfw is a part of FreeBSD, whereas ipfilter is written by Darren Reed and runs not only on FreeBSD, but also on OpenBSD, NetBSD, Solaris (and perhaps others?) if I recall correctly. If you plan to take advantage of the builtin rc scripts to run a predefined set of firewall rules, you'll probably want to stick with ipfw/natd. Also, just fyi ipfw is fairly conventional: the first firewall rule that matches will apply whereas with ipfilter, the last matching rule will apply unless you specify "quick". > > /Andreas > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >