• IPFilter

IP FIlter

IP Filter is one of the three packet filters included in FreeBSD.

Documentation

IP Filter documentation can be found at the following:

• The man pages can be found at:

  • ipfilter(4): https://www.freebsd.org/cgi/man.cgi?query=ipfilter&apropos=0&sektion=4&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

  • ipf(8) https://www.freebsd.org/cgi/man.cgi?query=ipf&apropos=0&sektion=8&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

  • ipf(5)https://www.freebsd.org/cgi/man.cgi?query=ipf&apropos=0&sektion=5&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

  • ipnat(8) https://www.freebsd.org/cgi/man.cgi?query=ipnat&apropos=0&sektion=8&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

  • ipnat(5) https://www.freebsd.org/cgi/man.cgi?query=ipnat&apropos=0&sektion=5&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

  • ippool(8) https://www.freebsd.org/cgi/man.cgi?query=ippool&apropos=0&sektion=8&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

  • ippool(5) https://www.freebsd.org/cgi/man.cgi?query=ippool&apropos=0&sektion=5&manpath=FreeBSD+12.1-RELEASE+and+Ports&arch=default&format=html

• FreeBSD's handbook page: https://www.freebsd.org/doc/handbook/firewalls-ipf.html

• NetBSD's handbook page: https://www.netbsd.org/docs/network/nsps/config_ipf.html

• Oracle Solaris IP Filter documentation: https://docs.oracle.com/cd/E36784_01/html/E36883/ipfilter-5.html

• This Solaris 10 article is a good primer: https://prefetch.net/articles/solarisipfilter.html

• Illumos ipfilter documentation: https://illumos.org/man/5/ipfilter

• Phil Dibowitz has created an excellent FAQ: https://www.phildev.net/ipf/

• IP Filter commands and tools: https://techpubs.jurassic.nl/manuals/0650/admin/IPFilter_UG/sgi_html/ch03.html

FreeBSD Ports

Four FreeBSD ports support IP Filter.

ipfmeta (https://svnweb.freebsd.org/ports/head/security/ipfmeta/) is used to simplify the maintenance of your IPfilter ruleset. It does this through the use of 'objects'. A matching object gets replaced by its values at runtime. This is similar to what a macro processor like m4 does.

Firewall Builder (fwbuilder https://svnweb.freebsd.org/ports/head/security/fwbuilder/) consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations.

p5-plog (https://svnweb.freebsd.org/ports/head/security/p5-plog/) is a parser for the logged output of the ipmon utility that is part of the excellent IP-Filter packet-filtering and NAT package written and maintained by Darren Reed. plog translates the somewhat garbled output from ipmon into a report that aids analysis of your firewall traffic.

fwanalog (https://svnweb.freebsd.org/ports/head/security/fwanalog/) is a shell script that parses and summarizes firewall logfiles. It uses the excellent log analysis program Analog to create its reports.

Bugs and Features