From owner-freebsd-questions  Mon Jul 10 17:20:17 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from lerami.lerctr.org (lerami.lerctr.org [207.158.72.11])
	by hub.freebsd.org (Postfix) with ESMTP id 582F937B614
	for <freebsd-questions@freebsd.org>; Mon, 10 Jul 2000 17:20:12 -0700 (PDT)
	(envelope-from ler@lerctr.org)
Received: (from ler@localhost)
	by lerami.lerctr.org (8.10.1/8.10.1/20000708) id e6B0K9U23644;
	Mon, 10 Jul 2000 19:20:09 -0500 (CDT)
From: Larry Rosenman <ler@lerctr.org>
Message-Id: <200007110020.e6B0K9U23644@lerami.lerctr.org>
Subject: Re: ipfilter vs ipfw
In-Reply-To: <200007110014.UAA31175@tisch.mail.mindspring.net>
 "from Carlton Haycock at Jul 10, 2000 08:22:02 pm"
To: Carlton Haycock <chaycock1@mindspring.com>
Date: Mon, 10 Jul 2000 19:20:09 -0500 (CDT)
Cc: freebsd-questions@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL79 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Seems that IPFilter does BETTER stateful rules than a "hack" (a friends term) 
to IPFW to do dynamic rules. 

From running ipfw for a short time, I've converted over to ipfilter. 

I just wish the rc* scripts supported ipfilter better, and that there
was some standard reporting mechanism for the logging output like there
is for ipfw. 

Larry Rosenman
> 
> Hello,
> 
> I am in the process of building a firewall using FreeBsd.  I am aware of the firewall
> built into the kernel (ipfw), but I also see alot of people talking about another package
> called IPFILTER.  I have seen comments stating that IPFILTER is better, but no one
> has yet to say why or why they prefer it.  I would be most appreciative if someone
> could give a brief overview of the differences as far as functionality is concerned.  
> I have read the how-to's and stuff on FreeBsd Diary but can find nothing that does
> a comparison of the two.
> 
> Thanks,
> Carlton
> 
> 
> 
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message


-- 
Larry Rosenman                      http://www.lerctr.org/~ler
Phone: +1 972-414-9812 (voice) Internet: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message