From owner-freebsd-questions Mon Oct 30 0:34:14 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mx7.port.ru (mx7.port.ru [194.67.23.44]) by hub.freebsd.org (Postfix) with ESMTP id 4193F37B479 for ; Mon, 30 Oct 2000 00:34:10 -0800 (PST) Received: from [212.96.98.37] (helo=[212.96.98.37]) by mx7.port.ru with esmtp (Exim 3.14 #9) id 13qANx-0003xs-00; Mon, 30 Oct 2000 11:33:48 +0300 Date: Mon, 30 Oct 2000 11:37:14 +0300 (MSK) From: Jaroshenko Serge X-Sender: jaroshenko@freebsd.merlin.ru To: Chris Browning Cc: James Wilde , FreeBSD-questions@FreeBSD.ORG Subject: Re: IPFW vs IP-Filter In-Reply-To: <39FCD635.9BA3A1B7@prokyon.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 29 Oct 2000, Chris Browning wrote: > > I picked up an extra low-end box and was just about to begin > playing with ipf. I've been using ipfw for about 9 months > and have been happy, but, you know... > > If I'm not mistaken, I interpret this post as saying that I > need the ipfw kernel options to run ipf. No. For ipfilter only need: options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging Also You may be want include: options IPFILTER_DEFAULT_BLOCK This give You firewall that default blocking all packets arrive your all network interface. For more information about ipfilter see ipf-howto.txt on the site http://www.obfuscation.org/ipf/ Best regards! Sorry for my bad english! Serge. > I had assumed that > only the ipf options were necessary. What's up here? I'm > glad I ran across this. > > -- > ------------------------ > Chris Browning > brownicm@prokyon.com > ------------------------ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message