Date: Mon, 10 Oct 2005 08:18:19 -0700 From: "Brian E. Conklin" <bconklin@masongeneral.com> To: "Mark Cullen" <mark.r.cullen@gmail.com> Cc: freebsd-questions@freebsd.org Subject: RE: Converting from IPFW to IPFILTER Message-ID: <CA513920FC73A14B964AB258D77EA8D6A4474D@mx1.masongeneral.com>
next in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Mark Cullen [mailto:mark.r.cullen@gmail.com]=20 > Sent: Friday, October 07, 2005 2:59 AM > To: Charles Swiger > Cc: Brian E. Conklin; freebsd-questions@freebsd.org > Subject: Re: Converting from IPFW to IPFILTER >=20 >=20 > Charles Swiger wrote: > > On Oct 6, 2005, at 5:44 PM, Brian E. Conklin wrote: > >=20 > >> I am getting ready to switch a FreeBSD 4.11 machine=20 > from IPFW to > >> IPFILTER for better FTP and NAT support. > >=20 > >=20 > > Hmm. Is there something natd doesn't handle for your case...? > >=20 > >> I currently have IPFW compiled into the kernel. > >> Do I need to recompile a kernel without IPFW before I=20 > can enable=20 > >> IPF? > >> Can I just set IPFW to allow everything by default? > >> Thanks in advance for your advice. > >=20 >=20 > You can have IPFW and IPF active at the same time, yes. >=20 So I am assuming because IPFW is built into the kernel with a "default = to deny" option, I will need an IPFW rule allowing everything? Or, can I = change my rc.conf to have IPFIREWALL_ENABLE=3D"NO"? > >=20 > > If you're going to switch to using IPF, you might want to consider =20 > > upgrading or reinstalling the OS to 5.4 instead of 4.11. > >=20 >=20 > Are there any particular reasons why you suggest switching=20 > from 4.11 to=20 > 5.4 if going from IPFW to IPF? Because I have just converted=20 > from IPFW2=20 > to IPF on 4.11-STABLE... >=20 > I did notice that IPF appears to be a rather old version.=20 > 3.something,=20 > where the latest version of IPF is 4.something. Is this the reason? >=20 ====================================================================== Mason General Hospital 901 Mt. View Drive PO Box 1668 Shelton, WA 98584 http://www.masongeneral.com (360) 426-1611 ====================================================================== This message is intended for the sole use of the individual and entity to whom it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the addressee nor authorized to receive for the addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone this message or any information contained in the message. If you have received this message in error, please immediately notify the sender and delete the message. Replying to this message constitutes consent to electronic monitoring of this message. Thank you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA513920FC73A14B964AB258D77EA8D6A4474D>