From owner-freebsd-isp@FreeBSD.ORG Sun Apr 6 12:30:44 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 182F037B401 for ; Sun, 6 Apr 2003 12:30:44 -0700 (PDT) Received: from blue.centerone.com (blue.centerone.com [204.133.183.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id 657B743F93 for ; Sun, 6 Apr 2003 12:30:43 -0700 (PDT) (envelope-from rf-list@centerone.com) Received: from DELIVERANCE-XP.centerone.com (ppp-168-253-13-120.den1.ip.ricochet.net [168.253.13.120]) by blue.centerone.com (8.9.3/8.9.3) with ESMTP id NAA04142 for ; Sun, 6 Apr 2003 13:53:35 -0600 Message-Id: <5.1.0.14.2.20030406125326.02edd078@mail.centerone.com> X-Sender: rf-list@mail.centerone.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Sun, 06 Apr 2003 13:28:05 -0600 To: From: Ralph Forsythe In-Reply-To: <200304061408.AA81592870@mandala-designs.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: FreeBSD as a firewall X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2003 19:30:44 -0000 I am using OpenBSD as my firewall, currently on 3.2, and will be 3.3 after it comes out and seems stable. I have been using it for a couple of years now and love it; and yes, the security of the system is a primary consideration, that and the fact that I can get a complete system up and configured in less time than it takes to get a pizza delivered. Performance is great as well, I've never seen the load go past 95% idle. One guy on the OBSD list tested it with I believe about 50,000 open states with a lot of bandwidth and it never went below 85% idle. That says something... Currently I have it on a P3-600 (overkill, but it's the only spare rackmount system I had) with one on-board ethernet and a 4-port Znyx 100-mbit card. Works great! FreeBSD will likely work well for a firewall, I just found PF on OpenBSD to be about the damn coolest thing I've used for it in a while (note: I have never used FBSD as a firewall, just for servers/workstations). - Ralph At 02:08 PM 4/6/2003 -0400, ljacobs wrote: >Folks -- > >If you are using IPFW or IPFilter or PF as a packet filer/firewall on your >FreeBSD system I am interested in hearing about your configuration and >satisfaction with your setup. How did you make your dwecision? What type >of hardware are you running this on? Do you have anything else running on >that computer besides the firewall? Have you had any breakins in spite of >this protection? Would you consider OpenBSD as an alternative for a >firewall because of its security and ease of using and managing PF? > >Thanks for any comments. > > >________________________________________________________________ >Sent via the WebMessaging system at mandala-designs.com > > > > >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"