Hello, and thank you for your reply.

Quoting Chris Peterson <ch...@lameness.info>:

pfSense sounds like exactly what you're looking for. It's a stripped-down FreeBSD

Don't get me wrong, I think pfSense goes a long way to my intended
goal - not the least of which, is pfDNS. I haven't written it off
by any means.

with a fancy web interface (well, not too fancy,

To be honest - the first thing I'd do, is strip the (any) GUI stuff
out. I have no issue with opening a terminal shell via cu - tip(1).
In fact, for security reasons, I'd prefer to ensure that the only
access available is over a serial port (local). Not to mention the
size/space savings gains. :)

it's been incredibly stable for me). I've deployed it a couple times in pseudo-production environments and it's been holding up well for the last 1.5 years+.

You can also check out http://www.netgate.com/product_info.php?cPath=60_84&products_id=492 for a nice PIX-sized chassis for pfSense if you need a small box.

Looks intriguing. The only real advantage I see here, would be the
amount of ram available. The 837 I propose to use, only supports 64Mb.

Thanks again for your informative response.

--Chris


On Jan 29, 2009, at 6:02 AM, Chris H wrote:

Hello, and thank you for your reply.

Quoting Michael Grant <mg-fb...@grant.org>:

On Thu, Jan 29, 2009 at 2:15 PM, Chris H <chr...@1command.com> wrote:
Hello, and thank you for your reply.

While it's not /exactly/ what I was looking for - it's close. :)
The "filtering" capability is my biggest gripe on the Cisco
*DSL products. They're just not as /capable/ as is offered in
FBSD. DNS is another plus (pfDNS). But I don't think I'd be
modify pfDNS to accommodate BIND, or unbound. Although tinydns
might be able to fit the bill. Oh well, it's close - thanks
for the pointer. :)

You can run iptables on openwrt.

Actually, I was thinking more along the lines of pf(4). I think it's
more efficient - especially combined with all the network tuning that
has been done recently by Robert Watson, John Baldwin, Mohan Srinivasan,
Peter Wemm, and others. Another reason I'm so inclined to be FBSD centric
on this. :)

You can compile most anything for
it, you're only limited by its memory and cpu. I'm not familiar with
pfDNS.  But if it runs on freebsd, it probably can be made to run on
openwrt as well.

Indeed, it's running a FreeBSD base. But like you said; CPU, and Memory
are the only boundaries here. Will need to do more research to compare
limits against a /desired/ install base.

Thanks again for the reply.

--Chris


Michael




_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org "




