# default firewall in FeeBSD



## m4rtin (Apr 26, 2010)

I just installed FreeBSD 8.0 + xorg + gnome + firefox. As much as I know, there is no firewall with Gnome(probably just frontends for _iptables_, _pf_ etc). However, am I correct, that there are _IPFW_, _PF_ and _IPF_ installed with the base FreeBSD system by default? Which one of those is activated by default?


----------



## SirDice (Apr 26, 2010)

m4rtin said:
			
		

> I just installed FreeBSD 8.0 + xorg + gnome + firefox. As much as I know, there is no firewall with Gnome(probably just frontends for _iptables_, _pf_ etc).


Gnome is a desktop environment and has nothing to do with networking.



> However, am I correct, that there are _IPFW_, _PF_ and _IPF_ installed with the base FreeBSD system by default?


Yes, all three are part of the base FreeBSD OS.



> Which one of those is activated by default?


None of them are activated by default.


----------



## Anonymous (Apr 27, 2010)

m4rtin said:
			
		

> I just installed FreeBSD 8.0 + xorg + gnome + firefox. As much as I know, there is no firewall with Gnome(probably just frontends for _iptables_, _pf_ etc). However, am I correct, that there are _IPFW_, _PF_ and _IPF_ installed with the base FreeBSD system by default? Which one of those is activated by default?



For me was PF the easy way to setup.
You will find "howto" and examples too.


----------



## graudeejs (Apr 27, 2010)

I used pf. right now I use ipfw. Both are nice


----------



## m4rtin (Apr 27, 2010)

ok, I see. The reason why did I think that one of the firewalls is enabled by default was that I had some download issues with "pkg_add -rv packagename". It uses FTP and it seemed to me that FTP sessions did never start. However, it turned out, that this was the problem -> link. However, am I correct, that before enabling for example _pf_, I'm all open to the outside world?


----------



## graudeejs (Apr 27, 2010)

m4rtin said:
			
		

> ok, I see. The reason why did I think that one of the firewalls is enabled by default was that I had some download issues with "pkg_add -rv packagename". It uses FTP and it seemed to me that FTP sessions did never start. However, it turned out, that this was the problem -> link. However, am I correct, that before enabling for example _pf_, I'm all open to the outside world?



Not unless you have apps, that listen to some ports


----------



## SirDice (Apr 28, 2010)

m4rtin said:
			
		

> ok, I see. The reason why did I think that one of the firewalls is enabled by default was that I had some download issues with "pkg_add -rv packagename". It uses FTP and it seemed to me that FTP sessions did never start. However, it turned out, that this was the problem -> link. However, am I correct, that before enabling for example _pf_, I'm all open to the outside world?



You are behind a router, that's why you have to use passive FTP. This means your machine isn't directly accessible from the internet.


----------

