|
|
Line 1: |
Line 1: |
− | A '''firewall''' is a [[gateway]] device which sits between networks and examines the traffic wanting to pass through it, and makes decisions about whether to allow, deny, log, [[NAT]], and/or otherwise fiddle with that traffic on a packet-by-packet basis by consulting a ruleset it's been programmed with.
| + | #REDIRECT [[:Category:Firewall]] |
− | | + | |
− | The main purpose of most firewalls is to protect an internal network from malicious traffic inbound from the outside network(s), but they can also be used to monitor and/or control outbound traffic. In particular, in work-related environments it can be useful to deny outbound traffic on ports used for non-work-related peer-to-peer file-sharing networks; and to deny and log outbound traffic that is characteristic of malware-related activity.
| + | |
− | | + | |
− | Under FreeBSD, three kernel firewalls are available; [[ipfw]] (FreeBSD-based), [[pf]] (OpenBSD-originated, ported to FreeBSD), and [[ipf]] (OS-agnostic). [[ipfw]] and [[ipf]] will work as [[modules]] but if you're going to be running them at all, you'll probably want to recompile your kernel for static support -- see [[Firewall, Configuring]], below.
| + | |
− | | + | |
− | see also: [[Firewall, Configuring]], [[Firewall, Monitoring]], [[ipfw]], [[Network Address Translation]], [[Gateway]]
| + | |
| | | |
| [[Category:FreeBSD Terminology]] | | [[Category:FreeBSD Terminology]] |
| [[Category:Securing FreeBSD]] | | [[Category:Securing FreeBSD]] |
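Review bot: replacing the whole article body with "#REDIRECT [[:Category:Firewall]]" removes the definition of a firewall, the list of the three FreeBSD kernel firewalls ([[ipfw]], [[pf]], [[ipf]]) and the advice to recompile the kernel for static support rather than using modules. Nothing in this diff shows that text being moved anywhere, so confirm it exists on the Category:Firewall page or carry it over in the same change. The removed "see also" line also linked [[Firewall, Configuring]], [[Firewall, Monitoring]] and [[Network Address Translation]]; check that those pages are still reachable from the redirect target. The two unchanged [[Category:...]] lines stay below the redirect, so the page remains tagged with FreeBSD Terminology and Securing FreeBSD even though it no longer defines the term; drop them if that is not intended.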