On 10.11.2004 09:46 +0000, Peter Curran wrote:
> In fact, I may be so bold as to suggest that if m0n0 went down the
> pf route, it may as well kick FreeBSD into touch and just cut
> across to OpenBSD.
Well, I've got the impression that FreeBSD is less picky about
hardware (I've had machines that wouldn't boot an OpenBSD kernel
properly but didn't have any problems with FreeBSD), which seems to
be an important point with people running m0n0wall on all kinds of
junk PCs. My last performance benchmarks are already several months
old, but at least back then, FreeBSD was considerably faster
(measured network throughput). And I'm sorry, but reading some of the
messages from OpenBSD's founder didn't make me feel like switching.
Then again, the story involves the founder of ipfilter as well...
Please tell me never to touch a keyboard again if I ever end up like
that.
> I have no experience at all of using pf on FreeBSD, so I do not
> know if the same level of integration and functionality achieved
> on OpenBSD is available under FreeBSD 5.3, but my experience of
> using it on OpenBSD leaves me in no doubt at all of which firewall
> is the best (and it isn't ipf).
Yeah, agreed, pf really makes a cleaner impression. However, I'm not
convinced the integration into FreeBSD is good enough yet. pf should
be run under OpenBSD, which it was designed for, but the concerns
listed above prevent switching m0n0wall to OpenBSD.
- Manuel