On Thu, Dec 04, 2003 at 10:38:16PM -0700, Emmanuel Gravel wrote:
> I'm looking through rc.conf and the kernel config file for FreeBSD 4.9
> (recently downloaded it, my last upgrade was 4.5 so I was way behind,
> and this is a new install because my old firewall died). I'm used to
> using ipfw and natd for my firewall, but now I'm seeing ipfilter, ipnat
> and ipmon. I've done a google search on all of www.freebsd.org for
> ipfilter, but it only seems to show up in release notes, and the online
> handbook doesn't really talk about it. Since I haven't recompiled my new
> kernel, should I consider this instead of ipfw and natd? What's the
> difference, exactly?

ipfilter is just another firewall implementation, which you can use
instead of ipfw/natd if you wish.
The difference is mainly that it is different.  The configuration and
implementation is completely different, but the functionality is more
or less the same.
Use whichever one of ipfw/ipfilter that you wish, but if you already
are familiar with ipfw/natd you might as well stick with it, unless you
have some specific reason to switch.

Since ipfilter isn't FreeBSD specific, you should probably not confine
your web-searches for information on it to freebsd.org.

> On a related note, I'm not sure what the usefulness of IPDIVERT is
> either, so I don't know if I should compile it in the kernel or not.

It is needed for natd to work, so if you are using natd you need
IPDIVERT in your kernel.

<Insert your favourite quote here.>
Erik Trulsson
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to