Firewall Wizards mailing list archives

Re: OpenBSD pf users?

From: "Paul Melson" <pmelson () gmail com>
Date: Tue, 11 Dec 2007 11:29:58 -0500

On Dec 9, 2007 9:33 AM, Wim Lamotte <Wim.Lamotte () uhasselt be> wrote:

If anyone has evaluated the OpenBSD pf platform in the past, and concluded
that there were good reasons not to use it, I would also be very interested
to know what these reasons were.


My primary complaint about OpenBSD is the lack of IPSec VPN support in
current releases.  (Not that releases with IPSec in the kernel had
good support to begin with.)

But as far as pf goes, I use it at home and have for years.
Ironically, I switched to it after completing my CCSA/CCSE certs, when
I had been running Check Point NG-AI as my home firewall for practice.
 I switched from my P2/450 with 256MB RAM and PCI 10/100 NICs running
SPLAT to a P/166 with 64MB RAM and 10Mbps ISA NICs running OpenBSD and
pf, and found pf to be faster on a 4Mbps cable modem.  It's also easy
to script changes to pf.conf, and it's been very stable in my
experience.  If I didn't have a need for VPN or content filtering, I
would consider it as a contender for an enterprise firewall.

PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

OpenBSD pf users? Wim Lamotte (Dec 11)
- Re: OpenBSD pf users? ArkanoiD (Dec 13)
- <Possible follow-ups>
- Re: OpenBSD pf users? Jim O'Gorman (Dec 11)
- Re: OpenBSD pf users? Paul Melson (Dec 11)
  - Re: OpenBSD pf users? Joshua Hill (Dec 11)
- Re: OpenBSD pf users? Matthew Franz (Dec 11)
- Re: OpenBSD pf users? Robby Cauwerts (Dec 12)
  - Re: OpenBSD pf users? Wim Lamotte (Dec 12)