[ previous ] [ next ] [ threads ]
 
 From:  "Braden McGrath" <braden at mcmail dot homeip dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Why I left M0N0Wall
 Date:  Tue, 29 Mar 2005 09:05:48 -0500 
I agree totally with Frederick, although I don't know how feasable it
would be to move to OBSD.  It seems to me like a natural fit between the
two - in general, Open tends to run better on older hardware and it's
already a very popular choice for firewall systems.  (Before I went to
m0n0 + Soekris, I was running Open 3.4 on a Pentium 90, and it had no
problems with my 3mbit cable line.)

Plus, pf does both shaping/queuing and rules all in the same system, no
more "two pronged" attack like we have currently with ipfw/ipfilter.

Just my $0.02...

--Braden

> -----Original Message-----
> From: Frederick Page [mailto:fpage at thebetteros dot oche dot de] 
> Sent: Tuesday, March 29, 2005 5:01 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Why I left M0N0Wall
> 
> Hallo Chris,
> 
> Chris Buechler schrieb am 28. March 2005:
> 
> >Actually he did help us uncover a legitimate problem with m0n0wall
> >b5+, in that it takes way more CPU than previous versions did.
> 
> I only have a WRAP, that's something like Pentium-1, 266 Mhz. 
> AFAIR the initiator of the thread had a PC with a more potent 
> CPU. However I have only 2 mBit SDSL, that's probably the 
> reason why I cannot max-out my CPU with any version of m0n0.
> 
> I also read Manuel's mail here about the issues of FBSD 5.x 
> and his reluctance to jump onto this platform. As I 
> understand it, the leap to FBSD 5.3 was a HUGE step, which 
> caused much work. The current ipfw and ipfilter software 
> might have to be replaced in the future as well, which 
> probably is another HUGE step.
> 
> Would it make any sense to consider e.g. OBSD 3.6 (which 
> already has pf, CARP, etc.) as a possible alternate platform? 
> The world's safest OS would make kind of sense on a router 
> platform (from my point of view), let alone the enhanced 
> security by e.g. pf's "scrub" feature, the enforced minimum TTL, etc.
> 
> ftp://ftp.openbsd.org/pub/OpenBSD/doc/pf-faq.pdf should put 
> up some argument here. One being performance.
> 
> Kind regards   Frederick
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>