May 28th, 2003, 16:16
All right I have been thinking about this for the last week or so, and I would like to setup some sort of packet filter on my desktop. Though I dont have any prior experience on doing this I would like some suggestions on which would be best, I know that ipfw is the native FreeBSD packet filter, though the openBSD pf was ported over to FreeBSD and I've been fooling around with that. Which would you recommennd, to a beginner?

May 28th, 2003, 16:19
I'd recommend pf to anyone, beginner or not. It's the best. See this for more:

May 29th, 2003, 00:31
I try not to post the "pile on" kind of posts, but I just can't help myself here... :D

I completely agree with MiNiOn, I think pf is the way to go.

From a beginning stand point, I find that rules are easier to understand with pf, in part because rulesets tend to be cleaner and shorter because of using variables. Another reason to go with pf is I think it won't be long till pf shows up not just on other BSDs like freebsd, but all over the *nix world. Its just that good! Might as well learn what is likely going to be the leading edge going forward. Also pf is adding functionality that the others just don't have...

Clean, striaght forward, and powerfull, thats why I go with pf...


May 29th, 2003, 23:43
Thanks those links are definitely helpful.

May 30th, 2003, 12:25
once pf is standard for 5x i'll run it.. until then i dont want to play around w/ my firewall... i like it the way it is at the moment.. but the idea of variables and such kinda grabs my attention pf does offer a lot that i want to play w/ and i cant wait till it's standard for fbsd