[rescue] RFA: firewall

[Shirker]

On Thu, 6 Jan 2005, Jonathan C. Patschke wrote:

> > What's your recommendations, and why?
>
> I like OpenBSD.  It's a small distribution.  The attitudes of the team,
> though abrasive at times, are very security-conscious.  pf is very easy
> to understand, even as your configuration grows in complexity.

<snip>

One more vote for OpenBSD/pf. I use it myself on several machines (mainly
Suns, but a few PeeCees too) and it's been an absolute joy to work with.

> You can't knock the ports, either.  Installing something like squid from
> the ports Just Works, and is a nice addition to a gateway/firewall.  I
> should point out that my SPARCclassic is doing this, as well.  It's
> unhappy, and it swaps a lot, but it's plenty usable.  OpenBSD has a
> very slim footprint for being such a featureful operating system.

What Jonathan said. The package management system is top notch. It's great
just being able to do pkg_add
ftp://local.mirror.openbsd.org/version/arch/package.tgz and have it sort
everything out (including dependencies) itself.

OpenBSD (I understand this is true for all the BSDs, but Open is the only
one I've used) is also astoundingly fast, IME. It really *goes*.

Ed.