What solution for a gigabit firewall can you suggest? Which OS and packet filter are capable of achieving high performance and gigabit speeds?

>Les Mikesell wrote:
>> Timo Schoeler wrote:
>>>> What about NetBSD? I heard that NetBSD has the best network stack out
>>>> there. Maybe NetBSD with pf is the best choice?
>>> NetBSD is a very nice OS, I personally like it most (out of all BSDs out
>>> there); however, as can be read on
>>>
>>> http://www.netbsd.org/docs/network/pf.html
>>>
>>> there's the 'usual lag': OpenBSD implements feature X in 4.6, wait some
>>> time to see it implemented elsewhere.
>>>
>>> One of the biggest strengths of OpenBSD is that it's really a completely
>>> rounded piece of work. Keep it that way. pf will perform best on
>>> OpenBSD, with all the nice features it has.
>>
>> Has anyone used Firewall Builder to create a complex set of iptables
>> rules? Or compared performance where it built the same thing for
>> linux/iptables and bsd/pf?
>>
>
>
>Are you joking? That piece of crap just puts everything into one single
>chain. I never EVER use Firewall Builder after I saw the results the
>first time.
>
>For a BRIDGING firewall, there is absolutely NO WAY that Linux/netfilter
>can keep up with OpenBSD/pf. I doubt that Linux/netfilter can even reach
>half the performance of OpenBSD/pf.