Multiple firewalls
Cristian KLEIN
cristi at net.utcluj.ro
Wed Oct 25 13:22:09 UTC 2006
Max Laier wrote:
> On Wednesday 25 October 2006 01:20, Cristian KLEIN wrote:
>> Hi everybody,
>>
>> Please review the following article:
>> http://cristiklein.c7obs.net/public/doc/en_US.ISO8859-1/books/handbook/
>> firewalls-multi.html
>
> "Note: At the time of this writing, using IPFW and PF is not recommended."
>
> Where do you get such information? I know of several successful
> installations doing things like divert for L7 filtering in ipfw
> and "normal" firewalling in pf. Also note, that in order to use ipfw's
> ALTQ pf (eventhough one w/o a filtering ruleset) is required.
PF NAT did not work on a computer on which IPFW and PF were build into
the kernel. IPFW was not even enabled, but for some reason, packets did
not get translated. I admit that more research should be done in this
direction.
>
>> Here is the patch against the newest cvs-doc:
>> http://cristiklein.c7obs.net/public/doc/firewalls-multi.diff
>
--
+-------------------------------------+
| Cristian KLEIN |
| Network Engineer |
| Communication Center |
| Technical University of Cluj-Napoca |
+-------------------------------------+
| Tel: +40-264-401247, int. 247 |
| WWW: http://www.cc.utcluj.ro |
+-------------------------------------+
More information about the freebsd-doc
mailing list