This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
Developer(s) | Darren Reed |
---|---|
Stable release | 5.1.2
/ 22 July 2012 |
Repository |
|
Operating system | FreeBSD, NetBSD, Solaris, illumos (OpenIndiana), Linux, HP-UX |
Type | Packet filtering |
License | Before 4.1.35 and 5.1.1: IPFilter License (BSD-like); Since 4.1.35 and 5.1.1: GNU GPLv2[note 1] |
Website | www |
IPFilter (commonly referred to as ipf) is an open-source software package that provides firewall services and network address translation (NAT) for many Unix-like operating systems. The author and software maintainer is Darren Reed. IPFilter supports both IPv4 and IPv6 protocols, and is a stateful firewall.
IPFilter is delivered with FreeBSD,[2] NetBSD,[3] Solaris 10 through 11.3,[4] illumos[5] (OpenIndiana[6]) and HP-UX.[7] It used to be a part of OpenBSD, but it was removed by Theo de Raadt in May 2001 due to problems with its license.[8] It was subsequently replaced in OpenBSD by PF, which was developed by OpenBSD's own developers. DragonFly BSD removed its support for IPFilter in May 2011. Oracle Solaris imported the PF firewall from OpenBSD in the 11.3 release, and removed IPFilter in the 11.4 release. [9]
IPFilter can be installed as a runtime-loadable kernel module or directly incorporated into the operating system kernel, depending on the specifics of each kernel and user preferences. The software's documentation recommends the module approach, if possible.
illumos uses ipfilter for firewalling. Using ipfilter you can create firewalls not just for the host system, but also for zones and hardware virtualized systems.
Cite error: There are <ref group=note>
tags on this page, but the references will not show without a {{reflist|group=note}}
template (see the help page).