Date: 14 Sep 2003 19:10:59 -0000 From: Scott Ballantyne <sdb@ssr.com> To: freebsd-questions@freebsd.org Subject: Re: firewall Message-ID: <20030914191059.21983.qmail@ssr.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGIENJEFAA.fbsd_user@a1poweruser.com> References: <MIEPLLIBMLEEABPDBIEGIENJEFAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"fbsd_user" <fbsd_user@a1poweruser.com> writes: > I know that the FBSD handbook gives the reader the impression that > IPFW is the only firewall available to FBSD, but that is a false > impression. FBSD has IPFILTER which is also a built in firewall. PF is also in ports, which is interesting. That's appealing because it provides an option to use tables rather than lists. I've heard good thinks about IPF. > like IPFW and the netbsd firewall IPF has been ported to FBSD so > there other options. I have used both IPFW and IPFILTER, IPFW's keep > state rules do not function correctly on a DSL or cable internet > connection, it has just been upgraded in FBSD 5.2 with a lot fluff > that does nothing but confuses the general user. > I'm interested to hear what the problem is with IPFW and keep-state, they have been working fine here, as far as I can tell. I have never used IPFW with ppp, but it looks like the original poster needs to provide a natd_interface, so that a divert rule gets enabled. Note that all the addresses he uses on his lan were RFC1918 ones. sdb -- sdb@ssr.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030914191059.21983.qmail>