# IPFilter newb question



## Desreguard (Jun 4, 2011)

hey guys in trin to build a firewall, and i have comipled my kernel with the IPFILTER, IPFILTER_LOG and IPFILTER_DEFAULT_BLOCK options. The book that i was using was telling me to edit the /etc/ipf.conf. Do i actaully create this file or do i edit the /etc/rc.firewall file to put all my rules?

Hey guys, I'm trying to build a firewall, and I have comipled my kernel with the IPFILTER, IPFILTER_LOG and IPFILTER_DEFAULT_BLOCK options. The book that I was using was telling me to edit the /etc/ipf.conf. Do I actually create this file or do I edit the /etc/rc.firewall file to put all my rules?


----------



## francis (Jun 5, 2011)

Hi, generally look here IPFW firewall. Personally I never edited the /etc/rc.firewall file, because rules included in this file should be reviewed to fit your needs if firewall type is set as *client* or *simple*. Personally I wrote rules in the /etc/ipfw.conf file, which could be placed anywhere and could be named anything you want. I also added to the /etc/rc.conf file options that were responsible for the firewall type, e.g. 
	
	



```
firewall_type="client" -- firewall will try to protect only Your machine.
```
 If it comes to compiling the kernel with options for the firewall. I did this only when I  need advanced features such as, for example, *NAT*. Otherwise I used 
	
	



```
firewall_enable="YES"
```
 as option in the rc.conf file. In addition, you should read the man page for ipfw(8). I hope that I've helped you to resolve yours doubts.


----------

