OpenBSD Journal

Isaac `Ike' Levy on m0n0wall and PFSense - Sept. 6, 2006 NYC*BUG Meeting

Contributed by niallo on from the New York, New York dept.

From Ray Lai:

Sept. 6, 2006 at 6:30 pm, Soho Apple Store at 103 Prince Street

Isaac `Ike' Levy will be presenting m0n0wall and PFSense, two BSD-based, packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system. PFSense is, of course, based on PF.

Check the announcement for more details.

(Comments are closed)


Comments
  1. By Paladdin (213.97.233.52) on

    I've tried both -on Soekris 4501s- and I'm pretty happy with them. m0n0wall seems quite stable; I've been running a wireless link through it, with IPSec enabled, for two years now and it keeps working without trouble.

    PFSense is more experimental, both platform -FreeBSD+PF- and web interface. Somewhat funky; too many eye-candy for my taste, but kinda useful for unexperienced people. And PF is really a plus! :)

    Recommended product :D

    Comments
    1. By lepole (85.126.131.148) on

      > I've tried both -on Soekris 4501s- and I'm pretty happy with them. m0n0wall seems quite stable; I've been running a wireless link through it, with IPSec enabled, for two years now and it keeps working without trouble.
      >
      > PFSense is more experimental, both platform -FreeBSD+PF- and web interface. Somewhat funky; too many eye-candy for my taste, but kinda useful for unexperienced people. And PF is really a plus! :)
      >
      > Recommended product :D

      as far as i know monowall uses ipfw not pf. thatīs one of the reasons pfsense forked (expandibility via packages beeing another one...).

      iīve been useing pfsense for some time (3-4 months) on about 10 systems an couldnīt be happier. it lets you concentrate on your job an gives you confidence of knowing you have a great packet filter protecting you.

    2. By squeege (192.139.71.69) on

      > I've tried both -on Soekris 4501s- and I'm pretty happy with them. m0n0wall seems quite stable; I've been running a wireless link through it, with IPSec enabled, for two years now and it keeps working without trouble.
      >
      > PFSense is more experimental, both platform -FreeBSD+PF- and web interface. Somewhat funky; too many eye-candy for my taste, but kinda useful for unexperienced people. And PF is really a plus! :)
      >
      > Recommended product :D

      I agree, m0n0wall is no nonsense and rock solid.

      pfSense is a little too heavy on the user interface, and is not really ready for prime-time yet. Very promising though.

  2. By Nicram (84.40.176.68) nicram@nicram.sytes.net on http://nicram.sytes.net/

    To bad there is no pfsense based on OpenBSD :/

    Comments
    1. By Anonymous Coward (68.227.41.220) on

      > To bad there is no pfsense based on OpenBSD :/

      really only because of a lack of wpa suupport, which may or may not be worked on. or you could work on it.

      Comments
      1. By Nicram (84.40.176.68) nicram@nicram.sytes.net on http://nicram.sytes.net/

        > > To bad there is no pfsense based on OpenBSD :/
        >
        > really only because of a lack of wpa suupport, which may or may not be worked on. or you could work on it.

        Well i'm not programmer. Of course I do everything for OpenBSD as i can (marketing, advocacy, websites, FAQs etc.). By making more ppl know about OpenBSD & more ppl use it, i believe some day, someone that use it because of me will add something nice to the OS. & other maybe help the project by buying Cs or sending some money fot the project. Ofcourse it's not some programming job that is need for OpenBSD, but as i said i'm not coder. I may do only what i can do. It's better than nothing :)

  3. By Anonymous Coward (88.191.18.162) on

    i finally migrated to openbsd PF and it is GREAT! the first time i tried it i was sold! :-) and now their is m0n0wall and pfsense!

    but a friend (a linux fanboy :-)) said that pf does not work with snort inline. that is not true right?

    Comments
    1. By Anonymous Coward (162.58.82.244) on

      > i finally migrated to openbsd PF and it is GREAT! the first time i tried it i was sold! :-) and now their is m0n0wall and pfsense!
      >
      > but a friend (a linux fanboy :-)) said that pf does not work with snort inline. that is not true right?

      According to the documenation it uses iptables. There is at least one or two snort2pf type projects out there though.

      Comments
      1. By Anonymous Coward (217.160.132.150) on

        > According to the documenation it uses iptables. There is at least one or two snort2pf type projects out there though.

        Spoink and Snort2pf come to mind. I've not tested them, but they appear to be the kind of thing that's being looked for. HTH.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]