IPFilter

IPFilter or commonly referred as ipf is a software package that can be used to provide network address translation (NAT) or firewall services. It can either be used as a loadable kernel module or incorporated into the UNIX kernel; use as a loadable kernel module where possible is highly recommended. Scripts are provided to install and patch system files, as required. Author and maintainer is Darren Reed.

IPFilter comes as a part of FreeBSD, NetBSD and xMach. Operating systems that IPFilter is known to work with are listed below.

• BSD/OS-1.1 – 4
• FreeBSD 2.0.0 – 2.2.8
• IRIX 6.2, 6.5
• HP-UX 11.00 (IPFilter 4.0alpha*)
• Linux kernel 2.4 – 2.6
• NetBSD 1.0 – 1.4
• OpenBSD 2.0 – 3.5
• QNX 6 port
• Solaris/Solaris-x86 2.3 – 9
• SunOS 4.1.3 – 4.1.4
• Tru64 5.1a (IPFilter 4.0alpha*)

External links

• IPFilter homepage
• Diagram illustrating the packet flow
• The IPFilter FAQ by Phil Dibowitz
• IPFilter howto
• Current IPFilter license