# ipfw firewall book or...



## fernandel (Jul 21, 2019)

Hi!

I start learning firewall as firewall and IPFW firewall which I am using now. Are there more information about IPFW like is for pf firewall, please?
I search a lot but not so success.
Thank you.


----------



## Deleted member 30996 (Jul 21, 2019)

Does this help?



			WIPFW
		


Some guys ported IPFW to Windows but the definitions and syntax appear to be the same.


----------



## PMc (Jul 21, 2019)

That depends on what information You look for. 
The manpage fully describes all the implemented functions, but does so in a very terse way; it is suited for look-up, not for learning.
Then, one could go the way of trial&error: all the activity can be logged, so one can just start off and experiment and observe what is happening (that's the way I went).

A main problem might be: one needs to think out a kind of "architecture" - how to approach the task best for the given use-case. Consider ipfw providing just a bunch of brickstones, and building a proper house (or a wall) is yet another task, and there are a couple of possible approaches. There are probably books about general practices of firewall design - but no idea which of them might be useful.

So, question: do You find it just difficult to understand the manpage with its highly condensed writing, or are You looking for common best practices to handle certain traffic, or are You trying to develop the general strategy to protect a given site? As these are three different fields, and each has to be tackled somehow.


----------



## fernandel (Jul 22, 2019)

PMc said:


> That depends on what information You look for.
> The manpage fully describes all the implemented functions, but does so in a very terse way; it is suited for look-up, not for learning.
> Then, one could go the way of trial&error: all the activity can be logged, so one can just start off and experiment and observe what is happening (that's the way I went).


I agree about manpage and I star to do the same as you did - experimenting.


----------



## chrbr (Jul 26, 2019)

I found it interesting to start the firewall in /etc/rc.conf by

```
firewall_type="workstation"
```
or others and to try to understand why things show up in `ipfw show` and why that should be fine.


----------



## bookwormep (Jul 26, 2019)

There is an older Apple/Macintosh book: The Big Book of Apple Hacks, by C. Seibold; includes details of the IPFW firewall (among other tips). Not sure if this is what you want, it might help.


----------



## Nicola Mingotti (Jul 26, 2019)

fernandel said:


> Hi!
> 
> I start learning firewall as firewall and IPFW firewall which I am using now. Are there more information about IPFW like is for pf firewall, please?
> I search a lot but not so success.
> Thank you.



fernandel print the man page and read it slowly 

some time ago i gave it a shot, then i stayed with pf.


----------



## SirDice (Aug 5, 2019)

fernandel said:


> I start learning firewall as firewall and IPFW firewall which I am using now. Are there more information about IPFW like is for pf firewall, please?


I would suggest just getting a good book about TCP/IP in general. If you understand TCP/IP you will automatically understand what a firewall does and how you can use it. You will be armed with more generic information, knowledge you can apply to all sorts of firewalls and networking equipment, not just to IPFW.


----------



## jdakhayman (Aug 5, 2019)

SirDice said:


> I would suggest just getting a good book about TCP/IP in general. If you understand TCP/IP you will automatically understand what a firewall does and how you can use it. You will be armed with more generic information, knowledge you can apply to all sorts of firewalls and networking equipment, not just to IPFW.



Have any suggestions on what that good book is?


----------



## SirDice (Aug 5, 2019)

I'm quite fond of my "TCP/IP Illustrated" set. The whole set is 3 volumes but for TCP/IP you really only need Volume 1. 






						TCP/IP Illustrated, Vol. 1: The Protocols (Addison-Wesley Professional Computing Series): Stevens, W. Richard: 8601404691522: Amazon.com: Books
					

TCP/IP Illustrated, Vol. 1: The Protocols (Addison-Wesley Professional Computing Series) [Stevens, W. Richard] on Amazon.com. *FREE* shipping on qualifying offers. TCP/IP Illustrated, Vol. 1: The Protocols (Addison-Wesley Professional Computing Series)



					www.amazon.com
				




But this might be too advanced to start with. It explains _every_ bit in excruciating detail.


----------



## jdakhayman (Aug 5, 2019)

Thank you. I have several books. Especially the ones lists in the ipfw man file. This is one I dont have.


----------

