Re: ipf / pf availability in 4.9
List, Anyone know if there is a way to get PF to port to FreeBSD 4.9? Thanks On Dec 30, 2003, at 7:26 PM, fbsd_user wrote: PF has been just ported to FBSD. I don't know if ipf pf have a common code background, but I do know pf ipf have totally different rule processing logic though the rules do look some what common. When it comes to using variables on the rule set, that is just the normal function of shell processing. Ipfw, ipf, and pf can all be buried inside of an shell script and perform variable substitution. In FBSD the rc.conf statement for pointing to the directory location of the ipf rules can not process a script. You just point that rc.conf statement to an empty file just to get the system up. Then you have script in the startup application directory that executes to load the ipf rules. Works great. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 7:35 PM To: [EMAIL PROTECTED] Subject: ipf / pf Hi, Here's a question that might seem trivial: What's the relationship between the freebsd ipf and the openbsd pf? Are they the same thing, or are they separately developed branches of a common codebase? Or maybe they are totally different. I ask this because I was looking around for guides for ipf.rules, and some of the openbsd pf examples look similar, but some command syntax are different. The openbsd pf.conf example had the ability to define variables of ip addresses, interface names, etc, but it doesn't seem to work with ipf.rules. Is there any way to define variables in ipf.rules? please cc me in your responses cause I'm not subscribed to the list thanks so much jonathan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --will ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: ipf / pf availability in 4.9
The post you are replying to tells you pf has been ported to FBSD. All you had to do is go look for it in the port collection your self, here is the direct link. http://www.freebsd.org/cgi/ports.cgi?query=pfstype=allrelease=5.1- CURRENT%2Fi386 pf_freebsd-2.00_1 OpenBSD pf as a kldmodule Maintained by: [EMAIL PROTECTED] Also listed in: ipv6 Description : Sources : Package : Changes : Download http://pf4freebsd.love2party.net/index.html -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Will Prater Sent: Wednesday, December 31, 2003 2:59 AM To: [EMAIL PROTECTED] Subject: Re: ipf / pf availability in 4.9 List, Anyone know if there is a way to get PF to port to FreeBSD 4.9? Thanks On Dec 30, 2003, at 7:26 PM, fbsd_user wrote: PF has been just ported to FBSD. I don't know if ipf pf have a common code background, but I do know pf ipf have totally different rule processing logic though the rules do look some what common. When it comes to using variables on the rule set, that is just the normal function of shell processing. Ipfw, ipf, and pf can all be buried inside of an shell script and perform variable substitution. In FBSD the rc.conf statement for pointing to the directory location of the ipf rules can not process a script. You just point that rc.conf statement to an empty file just to get the system up. Then you have script in the startup application directory that executes to load the ipf rules. Works great. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 7:35 PM To: [EMAIL PROTECTED] Subject: ipf / pf Hi, Here's a question that might seem trivial: What's the relationship between the freebsd ipf and the openbsd pf? Are they the same thing, or are they separately developed branches of a common codebase? Or maybe they are totally different. I ask this because I was looking around for guides for ipf.rules, and some of the openbsd pf examples look similar, but some command syntax are different. The openbsd pf.conf example had the ability to define variables of ip addresses, interface names, etc, but it doesn't seem to work with ipf.rules. Is there any way to define variables in ipf.rules? please cc me in your responses cause I'm not subscribed to the list thanks so much jonathan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --will ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf / pf availability in 4.9
On Dec 31, 2003, at 5:12 AM, fbsd_user wrote: The post you are replying to tells you pf has been ported to FBSD. Yes, and my question was how to get a port to 4.9. I am aware of the port being available for 5.0, 5.1. I would like to know if anyone has gotten it to run on 4.9 and what patches were necessary. Thanks All you had to do is go look for it in the port collection your self, here is the direct link. http://www.freebsd.org/cgi/ports.cgi?query=pfstype=allrelease=5.1- CURRENT%2Fi386 pf_freebsd-2.00_1 OpenBSD pf as a kldmodule Maintained by: [EMAIL PROTECTED] Also listed in: ipv6 Description : Sources : Package : Changes : Download http://pf4freebsd.love2party.net/index.html -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Will Prater Sent: Wednesday, December 31, 2003 2:59 AM To: [EMAIL PROTECTED] Subject: Re: ipf / pf availability in 4.9 List, Anyone know if there is a way to get PF to port to FreeBSD 4.9? Thanks On Dec 30, 2003, at 7:26 PM, fbsd_user wrote: PF has been just ported to FBSD. I don't know if ipf pf have a common code background, but I do know pf ipf have totally different rule processing logic though the rules do look some what common. When it comes to using variables on the rule set, that is just the normal function of shell processing. Ipfw, ipf, and pf can all be buried inside of an shell script and perform variable substitution. In FBSD the rc.conf statement for pointing to the directory location of the ipf rules can not process a script. You just point that rc.conf statement to an empty file just to get the system up. Then you have script in the startup application directory that executes to load the ipf rules. Works great. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 7:35 PM To: [EMAIL PROTECTED] Subject: ipf / pf Hi, Here's a question that might seem trivial: What's the relationship between the freebsd ipf and the openbsd pf? Are they the same thing, or are they separately developed branches of a common codebase? Or maybe they are totally different. I ask this because I was looking around for guides for ipf.rules, and some of the openbsd pf examples look similar, but some command syntax are different. The openbsd pf.conf example had the ability to define variables of ip addresses, interface names, etc, but it doesn't seem to work with ipf.rules. Is there any way to define variables in ipf.rules? please cc me in your responses cause I'm not subscribed to the list thanks so much jonathan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --will ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --will ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf / pf availability in 4.9
- Original Message - From: Will Prater [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, December 31, 2003 1:27 PM Subject: Re: ipf / pf availability in 4.9 On Dec 31, 2003, at 5:12 AM, fbsd_user wrote: The post you are replying to tells you pf has been ported to FBSD. Yes, and my question was how to get a port to 4.9. I am aware of the port being available for 5.0, 5.1. I would like to know if anyone has gotten it to run on 4.9 and what patches were necessary. Thanks Are you talking about PF or IPF in 4.9? If it's IPF, it's a kernel option. Check out LINT and you'll find: options IPFILTER#ipfilter support options IPFILTER_LOG#ipfilter logging options IPFILTER_DEFAULT_BLOCK #block all packets by default Also, you should be able to do a man ipf on 4.9. -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf / pf availability in 4.9
On Dec 31, 2003, at 12:13 PM, Micheal Patterson wrote: - Original Message - From: Will Prater [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, December 31, 2003 1:27 PM Subject: Re: ipf / pf availability in 4.9 On Dec 31, 2003, at 5:12 AM, fbsd_user wrote: The post you are replying to tells you pf has been ported to FBSD. Yes, and my question was how to get a port to 4.9. I am aware of the port being available for 5.0, 5.1. I would like to know if anyone has gotten it to run on 4.9 and what patches were necessary. Thanks Are you talking about PF or IPF in 4.9? If it's IPF, it's a kernel option. PF. I already have IPF working. I am more familiar with PF and would rather be using it. Thanks Check out LINT and you'll find: options IPFILTER#ipfilter support options IPFILTER_LOG#ipfilter logging options IPFILTER_DEFAULT_BLOCK #block all packets by default Also, you should be able to do a man ipf on 4.9. -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. --will ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf / pf availability in 4.9
snip Are you talking about PF or IPF in 4.9? If it's IPF, it's a kernel option. PF. I already have IPF working. I am more familiar with PF and would rather be using it. Thanks Ah. Ok. Misunderstood. -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]