From owner-freebsd-stable Fri Aug 18 10:23:12 2000 Delivered-To: freebsd-stable@freebsd.org Received: from accord.grasslake.net (accord.grasslake.net [206.11.249.240]) by hub.freebsd.org (Postfix) with ESMTP id 1DD0F37B422 for ; Fri, 18 Aug 2000 10:23:10 -0700 (PDT) Received: from marlowe (Marlowe.campbell-mithun.com [192.159.32.184]) by accord.grasslake.net (8.9.3/8.9.3) with SMTP id MAA10928 for ; Fri, 18 Aug 2000 12:24:22 -0500 (CDT) (envelope-from swb@grasslake.net) Message-ID: <000f01c00939$0dd7b480$b8209fc0@marlowe> From: "Shawn Barnhart" To: References: <200008181623005.richw@wyattearp.stanford.edu> Subject: ipfilter v. ipfw Date: Fri, 18 Aug 2000 12:23:41 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.3018.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG | Hmmm. I do indeed have both "ipfilter" and "ipfw" support enabled in | my kernel. However, I am currently using only "ipfw" firewall rules | (in /etc/rc.firewall). I've been considering the idea of switching | over to the new "ipfilter" facility, but I haven't had time yet. Is ipfilter newer/better/smarter/faster/etc than ipfw? I've always been under the assumption that ipfw was the "built-in" packet filtering code and ipfilter was a kind of add-on filtering that wasn't as built-in. Is this correct or am I missing out? I've got no complaints about ipfw and haven't needed to consider ipfilter. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message