From owner-freebsd-stable Mon Oct 9 8:29:30 2000 Delivered-To: freebsd-stable@freebsd.org Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.147.224.201]) by hub.freebsd.org (Postfix) with ESMTP id 5CB6437B502 for ; Mon, 9 Oct 2000 08:29:26 -0700 (PDT) Received: from thehousleys.net (baby.int.thehousleys.net [192.168.0.24]) by thehousleys.net (8.11.0/8.11.0) with ESMTP id e99FTKQ48359 for ; Mon, 9 Oct 2000 11:29:20 -0400 (EDT) (envelope-from jim@thehousleys.net) Message-ID: <39E1E44F.CD668446@thehousleys.net> Date: Mon, 09 Oct 2000 11:29:19 -0400 From: James Housley X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 Cc: freebsd-stable@FreeBSD.ORG Subject: Re: ipf vs. ipfw ? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have used ipfw because when I started ipfilter was only in the ports. I have tried several times to use ipfilter but have been unable to figure out how. The rules for ipfw are fairly simple and are processed in order. It is easy for me to understand, write and debug them, bit plus. I have not been able to wrap my mind around ipfilter's rules. I have spent about an hour total and just don't get it completely. Some of the documentation was sparse last time I checked. From looking it seems it might be more powerful, but recently ipfw added stateful rules. These are just my observations and experiences. Jim -- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message