From owner-freebsd-stable@FreeBSD.ORG Thu Jan 29 18:32:11 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 715DA1065672 for ; Thu, 29 Jan 2009 18:32:11 +0000 (UTC) (envelope-from chris@lameness.info) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.238]) by mx1.freebsd.org (Postfix) with ESMTP id 47C108FC14 for ; Thu, 29 Jan 2009 18:32:11 +0000 (UTC) (envelope-from chris@lameness.info) Received: by rv-out-0506.google.com with SMTP id b25so41864rvf.43 for ; Thu, 29 Jan 2009 10:32:10 -0800 (PST) Received: by 10.140.126.14 with SMTP id y14mr133898rvc.206.1233251991373; Thu, 29 Jan 2009 09:59:51 -0800 (PST) Received: from indica.petersontechservices.com ([76.14.77.139]) by mx.google.com with ESMTPS id f21sm80664rvb.7.2009.01.29.09.59.50 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 29 Jan 2009 09:59:50 -0800 (PST) Message-Id: From: Chris Peterson To: Chris H In-Reply-To: <20090129060243.adauuua9eokcsos8@webmail.1command.com> Mime-Version: 1.0 (Apple Message framework v930.3) X-Priority: 3 (Normal) Date: Thu, 29 Jan 2009 09:59:49 -0800 References: <20090129015034.7dxisep21w04gksg@webmail.1command.com> <0bca01c98202$a6124350$f236c9f0$@co.uk> <20090129051522.a92df0myf44gsko4@webmail.1command.com> <62b856460901290538x5d857f08ka3b2ffb5a7aa8e7f@mail.gmail.com> <20090129060243.adauuua9eokcsos8@webmail.1command.com> X-Mailer: Apple Mail (2.930.3) Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-stable@freebsd.org Subject: Re: Replace Cisco IOS/CBOS with freebsd - possible? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jan 2009 18:32:11 -0000 Pfsense sounds like exactly what you're looking for. It's a stripped down freeBSD with a fancy web interface (well, not too fancy, it's been incredibly stable for me). I've deployed it a couple times in pseudo production environments and it's been holding up well for the last 1.5years+. You can also check out http://www.netgate.com/product_info.php?cPath=60_84&products_id=492 for a nice PIX-sized chasis for pfsense if you need a small box. On Jan 29, 2009, at 6:02 AM, Chris H wrote: > Hello, and thank you for your reply. > > Quoting Michael Grant : > >> On Thu, Jan 29, 2009 at 2:15 PM, Chris H wrote: >>> Hello, and thank you for your reply. >>> >>> While it's not /exactly/ what I was looking for - it's close. :) >>> The "filtering" capability is my biggest gripe on the Cisco >>> *DSL products. They're just not as /capable/ as is offered in >>> FBSD. DNS is another plus (pfDNS). But I don't think I'd be >>> modify pfDNS to accomodate BIND, or unbound. Although tinydns >>> might be able to fit the bill. Oh well, it's close - thanks >>> for the pointer. :) >> >> You can run iptables on openwrt. > > Actually, I was thinking more along the lines of pf(4). I think it's > more efficient - especially combined with all the network tuning that > has been done recently by Robert Watson, John Baldwin, Mohan > Srinivasan, > Peter Wemm, and others. Another reason I'm so inclined to be FBSD > centric > on this. :) > >> You can compile most anything for >> it, you're only limited by it's memory and cpu. I'm not familiar >> with >> pfDNS. But if it runs on freebsd, it probably can be made to run on >> openwrt as well. > > Indeed, it's running a FreeBSD base. But like you said; CPU, and > Memory > are the only boundries here. Will need to do more research to compare > limits against a /desired/ install base. > > Thanks again for the reply. > > --Chris > >> >> Michael >> > > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org > "