Which Firewall?

Justin Sherrill justin at shiningsilence.com
Mon Dec 15 18:22:39 PST 2014


A better question to ask may be "I want to do (this specific thing),
so what is the proper tool for it?"

pf and ipfw both work, in that they can block or adjust network
traffic based on arbitrary rules.  You'll never get an answer on
what's "better".

I used to use ipfw and moved to pf for my local NAT.  It was better
for me because it was a much simpler config.  I had a specific use
case in that scenario.  If you have a specific goal in mind, it is
easier to give feedback.

On Mon, Dec 15, 2014 at 10:21 AM, Jeremy <dyre17 at gmail.com> wrote:
> Hi all,
>
> the Dragonfly handbook states pf is the recommended firewall, yet goes on to
> say that the included pf is the older pf & that ipfw has features not yet
> available in pf.  Then it goes on to give very detailed instructions for
> ipfw & points pf users to (seemingly) broken link as a manual.
>
> I find this misleading & confusing, as it suggests that ipfw may be a more
> sensible way to go, despite stating that pf is "recommended".
>
> Could someone kindly rectify my understand here?
>
> Thank you.
>
> -Jeremy



More information about the Users mailing list