[SunHELP] buy firewall router or use SB100 and ipfilter
Steve Sandau
ssandau at gwi.net
Thu Sep 10 18:12:57 CDT 2009
>> btw you're probably also better off replacing the stock solaris
>> ipfilter with darren reed's latest, from
>> http://coombs.anu.edu.au/~avalon/ if you aren't already aware.
>
>
> Another [very good] option would be OpenBSD and pf. That's what I use
> on my firewall, currently on a U5.
>
>
I'd echo the OpenBSD suggestion. I have a SS5 and an SS4 firewalling a
cable connection and a DSL connection. The bandwidth limitation is not
the firewall.
I found pf to be much easier and more intuitive than iptables on Linux,
and easier than ipf on Solaris. Additionally, OBSD is just plain hard to
hack.
Steve
More information about the SunHELP
mailing list