> Are there open source firewall distributions which are built on top > > In the remote past, some existed and died, i'm not aware of any > > Also, wasting time on so-called "distributions" is discouraged
Used to run pfsense for many years and once you get used to pf by itself, it just makes sense using pf on it's native OpenBSD instead of FreeBSD. pfsense is built on FreeBSD and always playing catch-up with both the OS and with pf. If you look at the rule set that pfsense creates via the web GUI, it is very simple. Once you go command line, a whole world opens up. It does take a leap of faith to do it though. It took me many years to trust myself to take the plunge. And I've managed an OpenBSD/pf firewall on a 225 user network. My current setup is basic firewall with DHCP, NAT and routing. But there is power in the simplicity. When something goes wrong -and it has happened twice due to power failures, there is so much less to deal with to bring the box back up. Yudhvir
