Hi,
I just wonder if I can replace PIX firewall with machine having IPTable as my firewall. I want to control our firewall but due to the lack of knowledge in configuring PIX, I want to replace it with Linux or BSD. I do not have the time now to learn the complexity of PIX and yet I want to know what is happening in my firewall and control it as much as possible. Do you think it is justifiable for me to replace it? Can you please provide me your inputs? Thank you very much.
junji aisalen.wordpress.com Linux Registered User #253162 CentOS User
Jun Salen wrote:
Hi,
I just wonder if I can replace PIX firewall with machine having IPTable as my firewall. I want to control our firewall but due to the lack of knowledge in configuring PIX, I want to replace it with Linux or BSD. I do not have the time now to learn the complexity of PIX and yet I want to know what is happening in my firewall and control it as much as possible. Do you think it is justifiable for me to replace it? Can you please provide me your inputs? Thank you very much.
Personally I'd go with OpenBSD with pf. It's real easy to use, much more powerful than IP Tables, and, well, just better. I've been running OpenBSD firewalls for a few years now; before that my favorite was FreeBSD with ipfw (before bridging was common in Linux). All of my BSD firewalls are bridging firewalls.
The most annoying thing about OpenBSD is the partitioning setup during installation. I can't believe they haven't changed it in as long as I've been using it (about 7 years now). Despite having used Linux/Unix systems for about 13 years I still get confused when I get to that screen in the installation (I don't install it very often). I've installed HPUX, AIX, Tru64, Solaris, tons of Linux distros, FreeBSD, and OpenBSD, and probably a couple others I've forgotten, and still that fdisk-type tool that OpenBSD uses is so confusing.
OpenBSD PF user guide here: http://www.openbsd.org/faq/pf/index.html
nate
nate wrote:
Personally I'd go with OpenBSD with pf. It's real easy to use, much more powerful than IP Tables, and, well, just better. I've been running OpenBSD firewalls for a few years now; before that my favorite was FreeBSD with ipfw (before bridging was common in Linux). All of my BSD firewalls are bridging firewalls.
The most annoying thing about OpenBSD is the partitioning setup during installation....
You might check out pfSense, which is a hybrid of the FreeBSD kernel with the OpenBSD pf stuff, and a nice web GUI for managing it. It can run on very minimal hardware, booting from a tiny flash card.