On Wed, 2026-04-08 at 06:37 -0400, Dan Ritter wrote: > Roy wrote: > > I’d like an unbiased opinion on whether OpenBSD should be > > considered > > a better choice as a firewall/router.> > > No unbiased opinions exist. > > I will say that: > > * Debian's package update mechanism is faster than OpenBSD's > > * OpenBSD is the upstream source of several security-critical > packages including the ubiquitous OpenSSH; > > * It is convenient, especially for a non-expert, to have one OS > to admin rather than two. > >
Yes I can understand that > > I’m wondering whether OpenBSD would be easier to manageas a > > firewall/router than Debian. > > No, they pose the same degree of difficulty and require the same > basic understanding of networking. > > Absolutely not. I’m referring to the fact that, as soon as I > > started > > looking into firewall options on Debian, I found at least three > > different systems: iptables, nftables, and ufw. It was quite > > confusing > > to understand how they relate to each other. I now think I > > understand > > that nftables is the newer approach, and it’s a very sophisticated > > and > > feature-rich system, probably ideal for a team of engineers, but > > maybe > > overkill for a side project like mine. > My take on debian firewall: > That's incorrect. > There is ... My take on openBSD firewall: > Correct. pf is ... Well, you kind of made my point :) thanks for your interesting suggestions.
