Bill Yuan’s work on a new ipfw has been committed, and for clarity, called “ipfw3“.
7 Replies to “New ipfw in DragonFly”
Comments are closed.
Bill Yuan’s work on a new ipfw has been committed, and for clarity, called “ipfw3“.
Comments are closed.
Nice, is this eventually going to be Dragonfly’s native alternative to pf?
It’s already an alternative; it’s committed and usable. How usable is something we’ll have to just find out by using it.
As a side note, dillon mentioned you have to load a few different modules in order to use the new ipfw3, so we should make sure that it’s documented which ones those are and that people are aware of it in the event that they want to use it, I don’t remember what they were off the top of my head though, but I’m sure dillon and bill would know.
here we got the document, i think with ipfw’s experience , it should be easy to use.
http://www.dragonflybsd.org/docs/ipfw2/
Simple stupid questions.
AFAIK IPFW requires rule numbering which is horrible idea IMHO (reminds me BASIC). So IPFW3 also requires rule numbering?
What about NAT and traffic shaping?
without the rule numbering, you probably cannot need to reload the firewall rules when you need to make some changes. you cannot make it on the fly cause you cannot specify where to insert/delete