I am deciding whether to use ipf or ipfw. I have had a brief look
at them and I like them both. I am quite a newbie in this.

Is any one of them particularly better for the following
situation? One standalone server, hosted by an ISP; only want to
protect myself (explicitly allow the services I provide); no need
for traffic shaping; want to do some traffic statistics, though.

If you would use _one_ of them rather than the other for such a
task, please tell me why (I mean, point me to the docs saying

Also, I am a bit confused by the kernel config for this: the
names of the IPFILTER* and IPFIREWALL* make me think I need
IPFILTER* to be able to run ipf, and IPFIREWALL* to run ipfw.
But the kernel functionality needed to run them is probably very
much the same, so what am I missing? Didn't find this in the
Handbook. Which of these should I enable to run ipf(w)?
Point me to the docs, please.

device          bpf             # Berkeley packet filter
options         IPSEC                   #IP security
options         IPSEC_ESP               #IP security (crypto; define w/ IPSEC)
options         IPSEC_DEBUG             #debug for IP security
options         MROUTING                # Multicast routing
options         IPFIREWALL              #firewall
options         IPFIREWALL_FORWARD      #enable transparent proxy support
#options        IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
options         IPDIVERT                #divert sockets
options         IPFILTER                #ipfilter support
options         IPFILTER_LOG            #ipfilter logging
options         IPFILTER_DEFAULT_BLOCK  #block all packets by default
options         IPSTEALTH               #support for stealth forwarding

        Thank you


[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to