[ previous ] [ next ] [ threads ]
 
 From:  "Sancho2k.net Lists" <lists at sancho2k dot net>
 To:  Frederick Page <fpage at thebetteros dot oche dot de>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] OpenBSD Packet Filter in m0n0wall?
 Date:  Tue, 29 Mar 2005 22:42:55 -0700
Frederick Page wrote:

> That's why I am asking. I cannot know the reasons for the current
> platform, there might very well be killer-arguments against a change
> to another BSD.
> 
> There are other BSD branches out there, they are related but more or
> less different. About anything running on FBSD can be compiled on OBSD
> and vice versa. Except a leap to OBSD would really be huge, as ipfw
> and ipfilter will not work there (only pf). Since pf already found
> it's way into FBSD now, this change to pf will (IMHO) only be a matter
> of time.

I'd like to see a project of the same kind as m0n0wall spring up on
OpenBSD. pf is featureful, secure, slim, and unencumbered. pfsync and
CARP are no-brainers for a high-availability firewall cluster. OpenNTPD
is featureless but keeps reliable time and is tiny and easy to maintain
and configure. The project has even produced a native userland bgpd and
soon ospfd (IIRC).

It seems to me that OpenBSD is just screaming for someone to pick up the
initiative and produce a nice embedded systems project a la m0n0wall.
It's small, secure, and no-nonsense.

Granted, these applications have been designed to be portable and will
all be available in FreeBSD, but there is something to be said for
running on the native platform at times.

DS