# ipfw vs ipf vs pf



## sk8harddiefast (May 12, 2010)

HI.I have completely no idea about how to set a firewall.But i want to setup a little firewall on my pc.To cut some url,for a little protection and for learning purpose.
Witch of this 3 (ipfw,ipf,pf) is the best and the most easy to setup and use for a noob on firewalls?


----------



## graudeejs (May 12, 2010)

you can't cut url's you can block ip's (at least with pf, and ipfw)
search forum, for similar threads, this has been discussed many times


----------



## sk8harddiefast (May 12, 2010)

A.ok.i will search 
thanks


----------



## SirDice (May 12, 2010)

Firewalls work on OSI layer 3/4. URLs are layer 7. See Osi model.

And of course, the handbook; Chapter 30 Firewalls


----------



## anomie (May 12, 2010)

Right, understanding the OSI model is the first piece to this puzzle. For layer 7 "filtering" (URLs in your case), you will probably want to force connections through an HTTP proxy.

-------

Not really relevant to this thread, but I'd also point out that ipfw(8) can be configured to perform some level of layer 2 filtering.


----------



## blackjack (May 14, 2010)

you can do this with commands


```
nslookup google.com | grep Address | grep -v # | awk '{print $2}'
```


```
ipfw table 1 add <ip_address>
```


```
ipfw add 1 deny ip from $local_net to "table(1)"
```

but it is wrong way, because at one IP may hosts many site and if you block ip you block all sites, not only google.com


----------



## sk8harddiefast (May 14, 2010)

that sounds not very good


----------



## fred974 (Jul 22, 2015)

Hi there,
Just out of curiosity, could you tell me which firewall you ended up with and why?
I am in the same process at the moment 

Fred


----------

