--On Friday, June 10, 2011 08:55:47 PM +0200 Ljubomir Ljubojevic office@plnet.rs wrote:
Devin Reade wrote:
Another option that you might want to look at is putting up an OpenBSD gateway running authpf (see http://www.openbsd.org/faq/pf/authpf.html).
That is not something to strive for.
Depends on the requirements.
What about my WISP network? how would I protect multiple systems not at the single location and with multiple incoming paths? Adding another box it worst of all options.
The OP (to which I was responding) didn't say anything about such a configuration. I'm not suggesting that authpf solves all the world's problems. Would one gateway protect disjoint networks? No. But on the other hand, multihomed networks are just fine.
Having lots of tools in your toolbox lets you pick the best one for the job. If it's not the right tool, don't use it. But that doesn't reflect on the tool, just on it's applicability to the task at hand.