Firewall
(Blanked the page) |
(Firewall) |
||
Line 1: | Line 1: | ||
+ | A '''firewall''' is a software application that runs on a Freebsd system acting as a gateway to the public internet that examines the traffic wanting to pass through it making decisions about whether to allow, deny, log, NAT, and/or otherwise fiddle with the traffic on a packet-by-packet basis by consulting a ruleset it's been programmed with. | ||
+ | The main purpose of firewalls is to protect an internal network from malicious traffic inbound from public networks. They can monitor and/or control both inbound and outbound traffic. In particular, in work related environments it can be useful to deny outbound traffic on ports used for non-work-related peer-to-peer file-sharing networks; and to deny and log outbound traffic that is characteristic of malware-related activity. | ||
+ | |||
+ | FreeBSD has three firewall soultions available, they are; [ipfw] (FreeBSD-maintained), [pf] (OpenBSD-originated, ported to FreeBSD), and [ipf] (OS-agnostic, ipfilter ported to FreeBSD). | ||
+ | |||
+ | [[Category:Securing FreeBSD]] |
Revision as of 13:18, 13 August 2012
A firewall is a software application that runs on a Freebsd system acting as a gateway to the public internet that examines the traffic wanting to pass through it making decisions about whether to allow, deny, log, NAT, and/or otherwise fiddle with the traffic on a packet-by-packet basis by consulting a ruleset it's been programmed with.
The main purpose of firewalls is to protect an internal network from malicious traffic inbound from public networks. They can monitor and/or control both inbound and outbound traffic. In particular, in work related environments it can be useful to deny outbound traffic on ports used for non-work-related peer-to-peer file-sharing networks; and to deny and log outbound traffic that is characteristic of malware-related activity.
FreeBSD has three firewall soultions available, they are; [ipfw] (FreeBSD-maintained), [pf] (OpenBSD-originated, ported to FreeBSD), and [ipf] (OS-agnostic, ipfilter ported to FreeBSD).