Date: Mon, 23 Jan 2006 08:59:45 -0800 (PST) From: Danial Thom <danial_thom@yahoo.com> To: Vincent Chen <vctw@yahoo.com>, freebsd-questions@FreeBSD.ORG Subject: Re: open source freebsd security appliance project Message-ID: <20060123165946.61615.qmail@web33314.mail.mud.yahoo.com> In-Reply-To: <20060123140618.75958.qmail@web35808.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The question of the day is: why are you porting it to 6.0? Have you proven that its better? There are many commercial "appliances" that are sticking with 4.x because its more suitable for that kind of application. The issue with an open-source type of appliance is capacity; The kind of people that really need such an appliance AND have the talent in house to benefit from it usually need more than ALTQ and IPFIREWALL can deliver. You'll only diminish that by going to 6.0, while also introducing the one thing that will keep anyone from using any product: instability. After all, a slow stable appliance is of some use to some people; while even a really fast unstable appliance is of use to no-one at all. DT --- Vincent Chen <vctw@yahoo.com> wrote: > Hi, all > > I have tried to build a security applicance > based on FreeBSD 4.7 since 2001. > Which contains: > > central syslog server (syslogd) > ntp sevice (ntpd) > dhcp server (dhcpd) > dns (bind) > > IPSec (ipsec-tools) > PPTP (mpd) > > firewall (ipfilter) > traffic shape (ALTQ) > IDS (snort) > > Utilization monitor (MRTG) > > Web console including > 1. report system for firewall, ids, system > 2. configuration interface for some sub-system > (not actually working yet) > > > Recently, I upgraded this appliance to FreeBSD > 6.0. Now I got: > > * a new list of required package > * a custom kernel configuration file for 6.0 > * collection of my custom packages (mostly perl > based) > > Old web pages for this appliance avaliable > here: > > http://isolution.dyndns.biz/en/si/sc/feature.html > > Some code are broken after upgrade to 6.0. A > document to put them all togather > is not completed yet. I plan to start a open > source project base on current > resource and the goal is to build a small and > compact FreeBSD security > appliance, most importantly cost effective. The > first step is starting a close > test before release it to public and discuss > how to proceed. If you are FreeBSD > power user and interested, you are welcome to > contact me and receive a copy of > current work. Any suggestions are always > welcome. > > > Vincent Chen > > > > > > ___________________________________________________ > 最新版 Yahoo!奇摩即時通訊 > 7.0,免費網路電話任你打! > http://messenger.yahoo.com.tw/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060123165946.61615.qmail>