[ILUG] ipfw vs ipchains vs iptables
phil at redbrick.dcu.ie
Mon Jul 29 19:18:55 IST 2002
Paul Jakma's [paulj at alphyra.ie] 53 lines of wisdom included:
> however, there are quite a few setup scripts available for
> ipchains/iptables, which can make config just as easy as ipfw.
Well, that doesn't help you reading your listing.
> isnt the ipfw code in BSD brand-new aswell? (the old code was
> rewritten for OpenBSD recently due to licensing concerns).
I think you're talking about IPFilter, and OpenBSD's new PF code.
Now who's talking FUD :)
> the above is a bit FUD'ish.
Perhaps, although I think when seriously considering something like
a firewall, tried and trusted means a hell of a lot. IPFilter would
probably win that race.
> they're all much of a muchness really. probably best thing is:
> - if you're more comfortable with BSD -> ipfw
I was talking in terms of the actual firewall. If the company in
question knows plenty about Linux and nothing about FreeBSD, I'd go
with a Linux box, merely because when something goes wrong (that
isn't got to do with ipfw/ipchains/ipfilter), then someone knows how
to fix it.
As I said before, I have little to no in-depth experience with
netfilter, I'm aware of it's basic capabilities and had a quick look
at it's features in early 2.4 editions but that's it.
RFC Networks tel: 01 8832063
www.rfc-networks.ie fax: 01 8832041
More information about the ILUG