Hello, I am deciding whether to use ipf or ipfw. I have had a brief look at them and I like them both. I am quite a newbie in this.
Is any one of them particularly better for the following situation? One standalone server, hosted by an ISP; only want to protect myself (explicitly allow the services I provide); no need for traffic shaping; want to do some traffic statistics, though. If you would use _one_ of them rather than the other for such a task, please tell me why (I mean, point me to the docs saying why). Also, I am a bit confused by the kernel config for this: the names of the IPFILTER* and IPFIREWALL* make me think I need IPFILTER* to be able to run ipf, and IPFIREWALL* to run ipfw. But the kernel functionality needed to run them is probably very much the same, so what am I missing? Didn't find this in the Handbook. Which of these should I enable to run ipf(w)? Point me to the docs, please. device bpf # Berkeley packet filter options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options IPSEC_DEBUG #debug for IP security options MROUTING # Multicast routing options IPFIREWALL #firewall options IPFIREWALL_FORWARD #enable transparent proxy support #options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options IPDIVERT #divert sockets options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging options IPFILTER_DEFAULT_BLOCK #block all packets by default options IPSTEALTH #support for stealth forwarding Thank you Jan _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"