OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: ipf or ipfw (was: log with dynamic firewall rules)
From: Siobhan Patricia Lynch (trishbsdunix.net)
Date: Thu Jul 27 2000 - 02:25:33 CDT

I actually use ipfw for everything, I can;t see any real advantage to
ipfilter in a situation that we're using it for (some people know
where I work)

ipfilter has to be flushed and reloaded, I don;t have that luxury

ipfw I can add rules on the fly.

now back in 3.x, I would have chosen ipf over ipfw, but with the
dawn of check-state and keep-state, ipfw wins hands down in this
situation.

-Trish

__

Trish Lynch
FreeBSD - The Power to Serve trishbsdunix.net
Rush Networking trishrush.net

On Thu, 27 Jul 2000, Reinoud wrote:

> On Wed, 26 Jul 2000, Gerhard Sittig wrote:
>
> > On Tue, Jul 25, 2000 at 21:56 -0500, Stephen Montgomery-Smith wrote:
> > >
> > > Would running both ipfw and ipf be considered over the top?
> >
> > I was never sure whether they collide or not. But having ipf
> > running I don't see a point in using ipfw. Make sure you have
> >
>
> There can be one reason to run ipfw and ipf together.
> I just use ipf as firewall, and started using ipfw cause dummynet
> can only be used when you're using ipfw as far as i can tell.
> So ipf is still used (and will always be :) ) as ip filter on the
> machines, and ipfw is used just to make dummynet work to control
> bandwidth.
> Bye,
>
> Reinoud.
>
>
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message