Firewall Wizards mailing list archives
Re: OpenBSD pf users?
From: "Paul Melson" <pmelson () gmail com>
Date: Tue, 11 Dec 2007 11:29:58 -0500
On Dec 9, 2007 9:33 AM, Wim Lamotte <Wim.Lamotte () uhasselt be> wrote:
If anyone has evaluated the OpenBSD pf platform in the past, and concluded that there were good reasons not to use it, I would also be very interested to know what these reasons were.
My primary complaint about OpenBSD is the lack of IPSec VPN support in current releases. (Not that releases with IPSec in the kernel had good support to begin with.) But as far as pf goes, I use it at home and have for years. Ironically, I switched to it after completing my CCSA/CCSE certs, when I had been running Check Point NG-AI as my home firewall for practice. I switched from my P2/450 with 256MB RAM and PCI 10/100 NICs running SPLAT to a P/166 with 64MB RAM and 10Mbps ISA NICs running OpenBSD and pf, and found pf to be faster on a 4Mbps cable modem. It's also easy to script changes to pf.conf, and it's been very stable in my experience. If I didn't have a need for VPN or content filtering, I would consider it as a contender for an enterprise firewall. PaulM _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- OpenBSD pf users? Wim Lamotte (Dec 11)
- Re: OpenBSD pf users? ArkanoiD (Dec 13)
- <Possible follow-ups>
- Re: OpenBSD pf users? Jim O'Gorman (Dec 11)
- Re: OpenBSD pf users? Paul Melson (Dec 11)
- Re: OpenBSD pf users? Joshua Hill (Dec 11)
- Re: OpenBSD pf users? Matthew Franz (Dec 11)
- Re: OpenBSD pf users? Robby Cauwerts (Dec 12)
- Re: OpenBSD pf users? Wim Lamotte (Dec 12)