Date: Mon, 28 Apr 2008 20:50:06 +0100 From: Bruce Cran <bruce@cran.org.uk> To: Doug Hardie <bc979@lafn.org> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: Firewalls Message-ID: <48162A6E.8050607@cran.org.uk> In-Reply-To: <05B6619C-9771-41EA-B43E-05DB40CB3258@lafn.org> References: <05B6619C-9771-41EA-B43E-05DB40CB3258@lafn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Hardie wrote: > FreeBSD supports 3 firewalls: IPF, IPFW, and PF. Some time ago > (perhaps years) I seem to recall some discussion that one or more of > those was better maintained and higher quality than the others. I don't > see any indications of this in the handbook. Several years ago I needed > to do traffic shaping and used IPFW with dummynet. It worked but the > need eventually went away. More recently I needed to incorporate spamd > which defaults to PF so I used that. However, now I am back to needing > traffic shaping again. I suspect trying to use both PF and IPFW > simultaneously will not be a good approach. In addition, there now are > instructions for using spamd with IPFW so it appears that either PF or > IPFW will do what I need. Is there any additional information available > to assist in selecting between those? Thanks. As I understand it pf is often found to be easiest to use and has lots of features like altq and os fingerprinting but is quite a bit slower than ipfw. -- Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48162A6E.8050607>