Solved [noob] pf, ipf and ipfw

Hi, which firewall should I choose between pf, ipf and ipfw for a home application or a small business?

I've been using pf on my local laptop with a very minimal configuration, just to close every ports except the ones I need on my local network.

But which one would you recommend for a dedicated network firewall or just in general? What are the main differences between them? As I never really dig into it before today, I don't really understand why FreeBSD is shipped with 3 different firewalls with similar syntax.
 
Hi, which firewall should I choose between pf, ipf and ipfw for a home application or a small business?
The one you like. This is just personal preference, they're all capable of doing this.

What are the main differences between them?
Syntax of the rule set primarily. There are some internal differences too but you're not likely to run into those with a fairly "simple" set up.

As I never really dig into it before today, I don't really understand why FreeBSD is shipped with 3 different firewalls with similar syntax.
PF was developed by OpenBSD to replace IPFILTER, and so the syntax is very similar. IPFW's syntax doesn't even remotely look like those two.


But which one would you recommend for a dedicated network firewall or just in general?
I like PF, but again, this is just personal preference.
 
Just my 2c. I would recommend against IPF (IPFILTER).

I used IPF extensively in the past (about 10 years ago) and returned to it because of its power and familiarity. When I had an issue with one apparently misbehaving rule I went looking for support locations. The original author Darren Reed has seemingly disappeared from support of IPFILTER. There is an aged FAQ: IPFilter FAQ but almost all the links to sites are broken and the mailing list doesn't seem to exist. I read in another post that IPF is maintained in FreeBSD due to a vendor's use of it in their FreeBSD product Link to post.

I looked at both IPFW and PF and almost went with PF due to its similarity to IPFILTER -- they both have rule grouping hierarchy that is a powerful feature. Also PF is the firewall used in pfSense which I also use. In the end I decided to go with IPFW and at least for the time being use the default system provided rules for the "workstation" profile. I understand IPFW originated with FreeBSD so it seems like it might have a marginally higher/better support.

As other's say there are a lot of personal reasons to decide on one vs the other and I believe all three work pretty well given the years they have all been in use.

P.S. If you want to roll your own firewall from scratch these questions are good ones to decide. If you'd like a simpler solution you might look at something like pfSense which is built on top of FreeBSD using PF but has a nice GUI. I don't own stock in pfSense but am a user and appreciate that it is built using FreeBSD. There is both a paid and a free version of pfSense.
 
Thank you all for the clear answers, I can see clearer now as of their differences. And essentially all 3 are decent options.
 
Back
Top