Reputation: 1
Using ipfw and pf together
I would like to use pf and ipfw at the same time for different tasks, but I can not understand who is activated first (if there is an order) when a rule is received.
Also trying to verify this, I can’t figure out where the pf and ipfw log files are located on both OPNsense and FreeBSD. Please, help me.
Thanks in advance!
I searched the web but unfortunately I found nothing about it and it is not clear where the respective log files are located
Upvotes: 0
Views: 65
Answers (1)
Reputation: 11
The order is dependent on who is loaded first. Starting from FreeBSD 13.2 there is also pfilctl(8) utility which allows changing order of firewalls in runtime.
Note that usually the order on output is reversed than on input - that is, for one firewall to be "upper" and other "lower", if packet path is drawn as stack: walking from wire/bottom via firewalls to kernel/top on input, and from kernel/top via firewalls to wire/bottom on output.
Upvotes: 1