Mostaf Faridi <mostafafaridi () gmail ! com> wrote: > My problem is this I do not enough time to start from scratch and make new > rule .
If you were moderately familiar with OpenBSD you could have, in the time between the start of this thread and now, read pf.conf for OpenBSD 5.0 and written on paper or wherever a complex ruleset. If your boss won't allocate time for this and expects you to outsource it to the web and whatever then he's doing it wrong. You don't have a good enough familiarity with OpenBSD (or FreeBSD) to know where to start. Right? If you do plan to migrate then you should build a machine, install OpenBSD 5.0, write a ruleset and test it. In your workplace, testing may mean swapping the machines until everyone complains and you swap them back and try again but doing it the way you're doing it now (no experience, asking for copy and paste administration, no testing) is wrong. > in my work place , my boss find another person can do internet > sharing with Windows 2008 and ISA and this person say he can make best > internet sharing server So you want pf on OpenBSD and don't want to see a Windows machine ... ... but you're not interested in reading about pf on OpenBSD ... Who's running the current FreeBSD machine? How come they can't understand it? Why not troubleshoot that? Etcetera ... How will swapping to a new operating system be better than using the current one which almost works? If you want to stay with FreeBSD you should at a minimum understand your current ruleset (removing any non-essential lines might be a good start) if you want to get help on it. Again though you're in the wrong place. Can you explain what every line in the pf.conf you sent is for? If not, find out, if it does nothing, delete it, whatever. Describe your network, do you have issues with DNS, do you have a http proxy, what tests have you done from clients, etcetera ... Have you looked here: http://www.freebsd.org/cgi/man.cgi?query=pfctl&sektion=8&manpath=FreeBSD+8.2-RELEASE So on and so forth. Under those circumstances, maybe Windows is the better choice. Certainly without any relevant OpenBSD experience you're better off with FreeBSD right? > I said before my my pf.conf in FreeBSD work good , but sometimes some user > lost internet and they can not browse web pages , but they can chat with > paltalk , after reboot or disbable or enable PF this problem solve . Fine. You have choices. Fix your current setup which should involve reading the FreeBSD pf.conf documentation and talking to people on the FreeBSD lists. Goodbye. Build an OpenBSD machine, in which case, talk to you when you've got a machine running and you have some more appropriate questions. People will help you. Either way you're should be willing to invest time and if you won't do that on your own and your boss doesn't want you to do it in work time then let the Windows people worry about it. Good times. Best wishes.
