[FreeBSD 11 Wishlist] Replacing an OpenBSD Firewall
Warren Block
wblock at wonkity.com
Fri Jan 2 21:28:55 UTC 2015
On Fri, 2 Jan 2015, Lowell Gilbert wrote:
> Adrian Chadd <adrian at freebsd.org> writes:
>
>> On 2 January 2015 at 07:41, Mark Felder <feld at freebsd.org> wrote:
>>> I've been encouraged to use ipfw and dummynet, but converting my
>>> firewall rules again is not something I'm enthusiastic about. I'll note
>>> that FreeBSD is often praised for including pf while ipfw is completely
>>> overlooked; our own Handbook even puts pf before ipfw. That certainly
>>> sends a message that we may not be intending to send and should be
>>> considered carefully.
>>
>> Well, I bet the handbook updates were written by a pf-loving person. :)
>
> I just took a quick look at that Handbook chapter (for the first time in
> quite a few years), and I didn't notice anything I'd consider a
> problem. All three firewalls are mentioned and (*very* lightly) compared
> in the Synopsis that begins the chapter. pf does come before ipfw, but
> *something* has to come first; it's not like anyone would go for a
> suggestion like periodically re-ordering the sections...
Before the reorganization, I think ipf was first. (And we were so close
to losing it altogether...)
More information about the freebsd-hackers
mailing list