The problem with all those links is that what they write about is outdated and complete mis-directs the reader into using IPFW's legacy stateless rules when only stateful rules should be used to get the max level of protection.
The rules she gives in her second article most certainly describe creating a stateful firewall.
They also completely ignore the problem ipfw has with stateful rules not working when the divert/naded subroutine call is used. IPFW has major legacy stateful/NAT bug and ipfilter does not.
Can you provide me with links to information that documents this?
Ipfilter provides an much higher level of protection in an LAN environment than IPFW can ever do in it's current state. Even the openbsd pf port is an better firewall solution for a firewall with an LAN behind it then IPFW.
Please provide me with links to documentation that objectively compares them, so that I can weigh the merits of what you say.
Please don't continue the FBSD's handbook mis-information about IPFW being the only FBSD firewall solution or that it's the best solution. The handbook is also way behind in it's content being current and up to date.
As a new FreeBSD user, there's no way I could possibly know that, now is there? I simply passed along what I have found to be useful.
I still need to know the answer to my question about what changes I need to make to my kernel to support a firewall on my server.
-ste
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
