Site Navigation

Date:      Thu, 26 Feb 2004 13:57:13 -0500
From:      "JJB" <Barbish3@adelphia.net>
To:        "Shaun T. Erickson" <ste@ste-land.com>, <freebsd-questions@freebsd.org>
Subject:   RE: Looking for ipfw info.
Message-ID:  <MIEPLLIBMLEEABPDBIEGKENMFMAA.Barbish3@adelphia.net>
In-Reply-To: <403E38B3.9050401@ste-land.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

The problem with all those links is that what they write about is
outdated and complete mis-directs the reader into using IPFW's
legacy stateless rules when only stateful rules should be used to
get the max level of protection. They also completely ignore the
problem ipfw has with stateful rules not working when the
divert/naded subroutine call is used. IPFW has major legacy
stateful/NAT bug and ipfilter does not. Ipfilter provides an much
higher level of protection in an LAN environment than IPFW can ever
do in it's current state. Even the openbsd pf port is an better
firewall solution for a firewall with an LAN behind it then IPFW.

Please don't continue the FBSD's handbook mis-information about IPFW
being the only FBSD firewall solution or that it's the best
solution. The handbook is also way behind in it's content being
current and up to date.


-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Shaun T.
Erickson
Sent: Thursday, February 26, 2004 1:20 PM
To: freebsd-questions@freebsd.org
Subject: Re: Looking for ipfw info.

I wrote:

> I have read the following 5 excellent articles on ipfw, by Dru
Lavigne.

I forgot to include the links. Here they are:

BSD Firewalls: IPFW
http://www.onlamp.com/pub/a/bsd/2001/04/25/FreeBSD_Basics.html

BSD Firewalls: IPFW Rulesets
http://www.onlamp.com/pub/a/bsd/2001/05/09/FreeBSD_Basics.html

BSD Firewalls: Fine-Tuning Rulesets
http://www.onlamp.com/pub/a/bsd/2001/06/01/FreeBSD_Basics.html

IPFW Logging
http://www.onlamp.com/pub/a/bsd/2001/06/21/FreeBSD_Basics.html

Monitoring IPFW Logs
http://www.onlamp.com/pub/a/bsd/2001/07/05/FreeBSD_Basics.html

        -ste

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGKENMFMAA.Barbish3>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact