From owner-freebsd-questions@FreeBSD.ORG Tue Feb 9 18:28:49 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 68534106568F for ; Tue, 9 Feb 2010 18:28:49 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ww0-f54.google.com (mail-ww0-f54.google.com [74.125.82.54]) by mx1.freebsd.org (Postfix) with ESMTP id EDB8D8FC12 for ; Tue, 9 Feb 2010 18:28:48 +0000 (UTC) Received: by wwj40 with SMTP id 40so2350583wwj.13 for ; Tue, 09 Feb 2010 10:28:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=t/fGdceXQIvs8n3NoeU5ullUvTNBCKyhJGwgTrrCDSY=; b=CLvdIE7pyTLikK07JQjqgJ4O1dA/UR1SKeBDuwonxSHXzgIfXYTBGaaRepOFVa9L9j /DmFkeWziJcrEsvCFHostJskO7rnH7miRc0Gz/HZqTfifenlcMRupgef1FEHv9pfPl9t KFF2fAYDvHovAewZ+WyW2T2MuIvsE2IQvVqgQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=p+RjOgXLMrFFxvWU6Yx12KOnQB94zIUTFw7PLvqaFqrBG7OWL8QKsECNZBAs4FxjcZ rKaqq+w5a0CNZ9oEAzHSENdnKagCD20U63AzY0UxxjQeH6kZXWgN5CF3XPHx+FqbVLle 3b4v+l4xJyzwAt/nuHXjAOgxAFUaU/J6OLf/Y= Received: by 10.216.87.133 with SMTP id y5mr973910wee.139.1265740126397; Tue, 09 Feb 2010 10:28:46 -0800 (PST) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id q9sm1159110gve.0.2010.02.09.10.28.44 (version=SSLv3 cipher=RC4-MD5); Tue, 09 Feb 2010 10:28:45 -0800 (PST) Date: Tue, 9 Feb 2010 18:28:43 +0000 From: RW To: freebsd-questions@freebsd.org Message-ID: <20100209182843.10a8ad90@gumby.homeunix.com> In-Reply-To: <20100209105444.A70035@starfire.mn.org> References: <20100209085907.A62092@starfire.mn.org> <20100209153134.304a10bc@gumby.homeunix.com> <20100209105444.A70035@starfire.mn.org> X-Mailer: Claws Mail 3.7.5 (GTK+ 2.18.6; i386-portbld-freebsd8.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Migrating from ipfw and natd to pf X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Feb 2010 18:28:49 -0000 On Tue, 9 Feb 2010 10:54:45 -0600 John wrote: > On Tue, Feb 09, 2010 at 03:31:34PM +0000, RW wrote: > > On Tue, 9 Feb 2010 08:59:07 -0600 > > John wrote: > > > > > Is there a good guide somewhere for migrating from ipfw and natd > > > rules to pf? I had pretty much gotten used to ipfw, and now pf > > > seems very different to use and understand. > > > > http://www.openbsd.org/faq/pf/index.html Please keep on-topic replies in-list to help people who are searching the list. > OK - I guess it's all in there somewhere! Most of what you need to know is in the Basic Configuration section - it's not much, pf is much easier than ipfw. > I'm confused, though. I > thought "pf" was a part of the regular kernel? But I do not have > a /dev/pf: The kernel module is loaded by the rc.d script if you enable pf in rc.conf, check /etc/defaults/rc.conf for more details. The rc.d script also has a few useful extra options for checking syntax and reloading rules without disrupting connections.