ipfw firewall book or...

fernandel

Aspiring Daemon

Reaction score: 204
Messages: 829

Hi!

I start learning firewall as firewall and IPFW firewall which I am using now. Are there more information about IPFW like is for pf firewall, please?
I search a lot but not so success.
Thank you.
 

PMc

Aspiring Daemon

Reaction score: 180
Messages: 513

That depends on what information You look for.
The manpage fully describes all the implemented functions, but does so in a very terse way; it is suited for look-up, not for learning.
Then, one could go the way of trial&error: all the activity can be logged, so one can just start off and experiment and observe what is happening (that's the way I went).

A main problem might be: one needs to think out a kind of "architecture" - how to approach the task best for the given use-case. Consider ipfw providing just a bunch of brickstones, and building a proper house (or a wall) is yet another task, and there are a couple of possible approaches. There are probably books about general practices of firewall design - but no idea which of them might be useful.

So, question: do You find it just difficult to understand the manpage with its highly condensed writing, or are You looking for common best practices to handle certain traffic, or are You trying to develop the general strategy to protect a given site? As these are three different fields, and each has to be tackled somehow.
 
OP
OP
fernandel

fernandel

Aspiring Daemon

Reaction score: 204
Messages: 829

That depends on what information You look for.
The manpage fully describes all the implemented functions, but does so in a very terse way; it is suited for look-up, not for learning.
Then, one could go the way of trial&error: all the activity can be logged, so one can just start off and experiment and observe what is happening (that's the way I went).
I agree about manpage and I star to do the same as you did - experimenting.
 

chrbr

Aspiring Daemon

Reaction score: 247
Messages: 680

I found it interesting to start the firewall in /etc/rc.conf by
Code:
firewall_type="workstation"
or others and to try to understand why things show up in ipfw show and why that should be fine.
 

bookwormep

Well-Known Member

Reaction score: 164
Messages: 292

There is an older Apple/Macintosh book: The Big Book of Apple Hacks, by C. Seibold; includes details of the IPFW firewall (among other tips). Not sure if this is what you want, it might help.
 

Nicola Mingotti

Well-Known Member

Reaction score: 170
Messages: 431

Hi!

I start learning firewall as firewall and IPFW firewall which I am using now. Are there more information about IPFW like is for pf firewall, please?
I search a lot but not so success.
Thank you.
fernandel print the man page and read it slowly;)

some time ago i gave it a shot, then i stayed with pf.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,050
Messages: 31,634

I start learning firewall as firewall and IPFW firewall which I am using now. Are there more information about IPFW like is for pf firewall, please?
I would suggest just getting a good book about TCP/IP in general. If you understand TCP/IP you will automatically understand what a firewall does and how you can use it. You will be armed with more generic information, knowledge you can apply to all sorts of firewalls and networking equipment, not just to IPFW.
 

jdakhayman

Member

Reaction score: 14
Messages: 33

I would suggest just getting a good book about TCP/IP in general. If you understand TCP/IP you will automatically understand what a firewall does and how you can use it. You will be armed with more generic information, knowledge you can apply to all sorts of firewalls and networking equipment, not just to IPFW.
Have any suggestions on what that good book is?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,050
Messages: 31,634

I'm quite fond of my "TCP/IP Illustrated" set. The whole set is 3 volumes but for TCP/IP you really only need Volume 1.


But this might be too advanced to start with. It explains every bit in excruciating detail.
 

jdakhayman

Member

Reaction score: 14
Messages: 33

Thank you. I have several books. Especially the ones lists in the ipfw man file. This is one I dont have.
 
Top