Depends what you want to do exactly I suppose...
Personally I use Linux based firewalls for many of my sites purely because
the clients in question want deep packet inspection (aka OSI layer 7
filtering) done on the network traffic.
But that said they are always the second skin firewalls, sitting behind
PF firewalls, filtering outbound traffic while the OpenBSD/FreeBSD boxen
filter inbound traffic.
Thats just my 5c worth and I've always been of the opinion that at least two
different skins of firewalls should be deployed, build ontop of different
technologies.
Makes life a lot harder for whomever you want to keep out.
"Opportunity is most often missed by people because it is dressed in
overalls and looks like work."
Thomas Alva Edison
Inventor of 1093 patents, including:
The light bulb, phonogram and motion pictures.
On Wed, Sep 22, 2010 at 9:29 PM, Rikky Taylor <rikkytay...@hotmail.co.uk>wrote:
> I was after some general advice. I need to setup a routing firewall with 3
> interfaces, moderate traffic and a fair amount of NAT'ing in the rules.
>
>
>
> Given identical modern server hardware would I expect a performance
> difference
> between an OpenBSD/PF setup and a Linux/IPTables one?
>
>
>
> Rikky
