not ipcop?
Darrin Chandler
dwchandler at stilyagin.com
Sun Jan 20 12:32:12 MST 2008
On Sat, Jan 19, 2008 at 09:24:35PM -0700, Ben Francom wrote:
> > If you want to try I (and hopefully others) will help.
>
> Yes, I'd be willing to offer some advice.
Yay!
> I don't know what it is about PF, I was just more intrigued by it than
> IPtables/ipfw/netfilter.
PF is pretty awesome. IMHO it's easier to get up and running with PF
than iptables, and easier to maintain. And it's made by the developers
of the most secure free OS. For the curious, here's a complete and
non-trivial firewall config for a home office / small office:
http://www.openbsd.org/faq/pf/example1.html#allrules
I know there are others on this list using BSD on edge devices and Linux
for all desktops, etc. I think it's good to know what your options are
and use the tool you like for a given job.
> It is definitely not for the faint of heart. I haven't done any wireless on
> this setup, so YMMV.
Compared to a point & click firewall that's true enough. Once you get
your fingers into config files I think PF is easier.
For wireless I have done that with a soekris box I have (OpenBSD, not
FreeBSD) and it works pretty well. The mini-pci card I have bites wrt
signal strength, but that's just weak hardware.
--
Darrin Chandler | Phoenix BSD User Group | MetaBUG
dwchandler at stilyagin.com | http://phxbug.org/ | http://metabug.org/
http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
More information about the PLUG-discuss
mailing list