What is your favourite/best firewall on FreeBSD and why?
Mike Tancsa
mike at sentex.net
Wed May 21 18:38:32 UTC 2014
On 5/20/2014 3:09 AM, Lucius Rizzo wrote:
> I have been looking into articles comparing firewalls that come with
> FreeBSD. There isn't much recent info on the net. I am currently using
> FreeBSD 10 with IPFilter.
It depends. I will use ipfw or pf depending on the app. But I never use
ipfilter as there is really no one maintaining it in FreeBSD. Also, if
you are using RELENG_10, using pf can better take advantage of multiple
cores.
For stateful firewalls, pf is the way to go for me. The rules are easy
to manage in a simple text configuration file which makes it easier to
maintain across reboots. ipfw is good (for me) where speed is
important, and very few rules are needed. Also, if you want to do
traffic shaping, dummynet+ipfw works well. The traffic shaping solutions
for pf are not so good right now.
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
More information about the freebsd-stable
mailing list