From owner-freebsd-questions  Fri Oct 12 10:23:23 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from pickup2-ld.pvd.loa.net (pickup.loa.com [199.171.167.59])
	by hub.freebsd.org (Postfix) with SMTP id 4DE9537B407
	for <freebsd-questions@FreeBSD.ORG>; Fri, 12 Oct 2001 10:23:13 -0700 (PDT)
Received: (qmail 424 invoked by uid 0); 12 Oct 2001 17:23:12 -0000
Received: from unknown (HELO pretorian) ([208.130.43.221]) (envelope-sender <?>)
          by pickup2-ld.pvd.loa.net (qmail-ldap-1.03) with SMTP
          for <>; 12 Oct 2001 17:23:12 -0000
Message-ID: <008f01c15342$964a8e60$24b4a8c0@pretorian>
From: "Maine LOA List Admin (Brent Bailey)" <brentb@loa.com>
To: "Henrik Holmstam" <turbo@lamering.org>,
	"Kenneth Wayne Culver" <culverk@wam.umd.edu>
Cc: "Alfatrion" <alfatrion@cybertron.tmfweb.nl>,
	"Hartmann, O." <ohartman@klima.physik.uni-mainz.de>,
	<freebsd-stable@FreeBSD.ORG>, <freebsd-questions@FreeBSD.ORG>
References: <20011012185458.K69352-100000@darkwing.turbo.net>
Subject: Re: IPFW or IPFILTER?
Date: Fri, 12 Oct 2001 13:23:19 -0400
Organization: Log On America
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4807.1700
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

good question
----- Original Message -----
From: "Henrik Holmstam" <turbo@lamering.org>
To: "Kenneth Wayne Culver" <culverk@wam.umd.edu>
Cc: "Alfatrion" <alfatrion@cybertron.tmfweb.nl>; "Maine LOA List Admin
(Brent Bailey)" <brentb@loa.com>; "Hartmann, O."
<ohartman@klima.physik.uni-mainz.de>; <freebsd-stable@FreeBSD.ORG>;
<freebsd-questions@FreeBSD.ORG>
Sent: Friday, October 12, 2001 12:56 PM
Subject: Re: IPFW or IPFILTER?


>
> Can IPFW keep state on UDP and ICMP as IPFilter can?
>
>
> On Fri, 12 Oct 2001, Kenneth Wayne Culver wrote:
>
> > On Fri, 12 Oct 2001, Alfatrion wrote:
> >
> > > Maine LOA List Admin (Brent Bailey) wrote:
> > >
> > > > I tried IPFILTER for awhile ...and it very easy to use...but ..in my
opinion
> > > > it isnt as configurable as IPFW.
> > > > IPFW is a little more to setup ...but still pretty easy ...and the
syntax
> > > > isnt that hard to understand. Its best feature is its VERY
> > > > configurable...and as long as you keep logging to a minimum ...it
doesnt use
> > > > alot of resources.
> > > > Seems its memeory intensive than anything ...running a firewall that
is
> > > >
> > >
> > > I find IPF more configurable as IPFW. I don't know how to do the
> > > folowing in IPFW: pass out quick on tun0 proto tcp from any to any
keep
> > > state.
> > >
> > IPFW has state keeping, but I don't think it's anywhere as easy to get
it
> > working right.
> >
> > Ken
> >
> > > Alex
> > >
> > >
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-questions" in the body of the message
> > >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-stable" in the body of the message
> >
>
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message