From owner-freebsd-questions Sun Feb 25 9:48:50 2001 Delivered-To: freebsd-questions@freebsd.org Received: from femail3.rdc1.on.home.com (femail3.rdc1.on.home.com [24.2.9.90]) by hub.freebsd.org (Postfix) with ESMTP id 6954837B491 for ; Sun, 25 Feb 2001 09:48:48 -0800 (PST) (envelope-from latif2221@home.com) Received: from home.com ([24.114.36.13]) by femail3.rdc1.on.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010225174816.NXAZ12119.femail3.rdc1.on.home.com@home.com>; Sun, 25 Feb 2001 09:48:16 -0800 Message-ID: <3A98FB62.C9F8DE38@home.com> Date: Sun, 25 Feb 2001 12:32:35 +0000 From: Duraid Organization: nonp X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.4.2 i586) X-Accept-Language: en MIME-Version: 1.0 To: Roelof Osinga , "freebsd-questions@FreeBSD.ORG" Subject: Re: netfilter in freebsd References: <3A977CB1.7EF85F24@home.com> <20010224144734.A23735@daemon.kingsqueak.org> <3A982EE9.6BB6F1BE@eboa.com> <3A97EB10.BA8E0293@home.com> <3A9838E9.D96506BF@eboa.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Not really.. after lot's of digging through.. there is a major difference between the two... ipfilter is a true statefull packet filter... that is it has a state table that can keep track of every packet that you send using the 'keep state' keyword. this way you can block anything that you didn't send. while ipfw has the 'established' option but it doesn't use state table (memory) but only decide upon seeing certain flags in the packet (ACT and maybe FIN) which anybody can fake and pierce your firewall. Duraid Roelof Osinga wrote: > Duraid wrote: > > > > which on is newer ipfilter or ipfw? which one is statefull like iptables? i > > might also say which one is better? > > Whichever you like best. Some - like I still - swear by ipfw, others > swear at ipfw. Seems that ipfilter has a nicer language. Try them > both, they're free . > > Roelof > > -- > The New Nisse's Nisser @ http://nl.nisser.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message