[MLUG] [ot] Looking for high performance open source firewall
Emery Guevremont
emery.guevremont at gmail.com
Wed Dec 17 16:08:31 EST 2008
I've been working for the past couple of months for a new company that uses
OpenBSD as its firewall. I have to say I'm impress at how everything is well
integrated (pf/carp/ipsec/relayd/sasyncd). Like someone previously said,
OpenBSD is well tested, but has the disavantage of being a little behind
with programs like firefox (not that it matters here), but I wouldn't
recommend it as a desktop OS ;-P. BTW it's also maintained by a Canadian.
Another thing about OpenBSD is that releases are scheduled every 6 mths. One
thing I learned about OpenBSD, forget about compiling your own kernel, it's
not part of the culture. You won't get any support if you compile a custom
kernel and you need help with it. Kernel and program options are decided by
the programmer of OpenBSD. But this has the avantage of simplifying the
testing process and allow you to have a more reliable and stable system.
As a first step, you could read this, it help you understand pf with some
comparison with iptables.
http://home.nuug.no/~peter/pf/en/index.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/mlug-listserv.mlug.ca/attachments/20081217/81de8d14/attachment.htm
More information about the mlug
mailing list