Need advise for a linux firewall

Mark Scholten mark at streamservice.nl
Thu Mar 11 18:48:03 CST 2010



> -----Original Message-----
> From: Daniel Staal [mailto:DStaal at usa.net]
> Sent: Friday, March 12, 2010 1:37 AM
> To: nanog at nanog.org
> Subject: Re: Need advise for a linux firewall
> 
> --As of March 11, 2010 4:22:38 PM +0000, gordon b slater is alleged to
> have
> said:
> 
> > One caveat for the current PFsense: traffic shaping in 1.2.3 release
> is
> > somewhat borked (1.2.2 works much better) and it doesn't work with
> more
> > than 2 interfaces, so 1 wan - 1 lan is OK.
> 
> --As for the rest, it is mine.
> 
> One more, given the other current thread going on at the moment: The
> current version of PFsense doesn't support IPv6 through the GUI.  (The
> OS
> and PF support it, but you have to log in to a shell to configure it.)
> 
That is why we use Debian with IPtables (works great, easy to manage).
Deploying anything now that doesn't fully support IPv6 is something I won't
do unless there is no other option (and I strongly advice everyone else to
be at least IPv6 ready).

> It's on their to-do list.
> 
> Daniel T. Staal
> 
> ---------------------------------------------------------------
> This email copyright the author.  Unless otherwise noted, you
> are expressly allowed to retransmit, quote, or otherwise use
> the contents for non-commercial purposes.  This copyright will
> expire 5 years after the author's death, or in 30 years,
> whichever is longer, unless such a period is in excess of
> local copyright law.
> ---------------------------------------------------------------
Sorry, legally I am allowed to do that by local laws.

Regards, Mark





More information about the NANOG mailing list