From owner-freebsd-net Tue Dec 12 13:34:25 2000 From owner-freebsd-net@FreeBSD.ORG Tue Dec 12 13:34:24 2000 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [207.154.226.10]) by hub.freebsd.org (Postfix) with ESMTP id 2D22437B400 for ; Tue, 12 Dec 2000 13:34:24 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1098) id 2C6312B2B9; Tue, 12 Dec 2000 15:34:23 -0600 (CST) Date: Tue, 12 Dec 2000 15:34:23 -0600 From: Bill Fumerola To: Martin Eggen Cc: freebsd-net@freebsd.org Subject: Re: ipfilter _and_ ipfirewall? Message-ID: <20001212153422.A72273@elvis.mu.org> References: <20001212081016.A22602@unity.copyleft.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001212081016.A22602@unity.copyleft.no>; from martin@copyleft.no on Tue, Dec 12, 2000 at 08:10:16AM +0100 X-Operating-System: FreeBSD 4.2-FEARSOME-20001103 i386 Sender: billf@elvis.mu.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Dec 12, 2000 at 08:10:16AM +0100, Martin Eggen wrote: > Would having the following in a kernel config work? > > options IPFIREWALL > options IPFIREWALL_DEFAULT_TO_ACCEPT > options DUMMYNET > options IPFILTER > > That is, to use ipfw exclusively for bandwidth limiting with dummynet, and > ipfilter for packet filtering? > I seem to recall that I've read a description of this, but came out empty > when searching for anything regarding the topic. As answered multiple times on multiple lists: yes. -- Bill Fumerola - security yahoo / Yahoo! inc. - fumerola@yahoo-inc.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message