nanog mailing list archives
Re: Need advise for a linux firewall
From: gordon b slater <gordslater () ieee org>
Date: Thu, 11 Mar 2010 16:22:38 +0000
On Thu, 2010-03-11 at 11:00 -0500, Abdul Nazeer wrote:
iptables, but if anyone has any other suggestion, I'd love to hear it.
PFsense, (being freeBSD-based, comes under your "other" category) It uses the OpenBSD-based pf firewall, with a web-based GUI for almost everything (except maybe console resets). works for me in several locations, some `heavy and high`. One caveat for the current PFsense: traffic shaping in 1.2.3 release is somewhat borked (1.2.2 works much better) and it doesn't work with more than 2 interfaces, so 1 wan - 1 lan is OK. Check out the user forums for specifics scenario gotchas if any. There's a good (recent) book about it, covers 1.2.3 release, very good it is too, with lots of help for multi-wan, VLAN, IPsec, etc etc. Routes Gigabit nicely with "normal" (pci-e or pci-x) hardware. Check out the hardware sizing guide for examples. What I particularly like is the "alias" function, it makes working with huge groups of IPs easy. BGPd, etc are all available as packages - you can for example use minicom to get CLI via the console port into a cisco ADSL router or local SCADA kit Been stable for me for a couple of years now, several instances Oh, did I mention failover ? CARP Me like :) Gord -- rockin ze bedroom
Current thread:
- Need advise for a linux firewall Abdul Nazeer (Mar 11)
- Re: Need advise for a linux firewall Aaron Urbain (Mar 11)
- Re: Need advise for a linux firewall Mirko Maffioli (Mar 11)
- Re: Need advise for a linux firewall gordon b slater (Mar 11)
- Re: Need advise for a linux firewall Marty Anstey (Mar 11)
- Re: Need advise for a linux firewall gordon b slater (Mar 11)
- Re: Need advise for a linux firewall Ronald Cotoni (Mar 11)
- Re: Need advise for a linux firewall Marty Anstey (Mar 11)
- Re: Need advise for a linux firewall Abdul Nazeer (Mar 11)
- Re: Need advise for a linux firewall Jim Miller (Mar 11)
- Re: Need advise for a linux firewall Will Clayton (Mar 11)
- RE: Need advise for a linux firewall Dennis Burgess (Mar 12)
- Re: Need advise for a linux firewall Bryan Irvine (Mar 11)
- RE: Need advise for a linux firewall Mark Scholten (Mar 11)