Sure. I posted on both the mailing lists because M0n0wall and PFsense are the two projects I'm mainly interested in.
I've been playing successfully with both M0n0wall end PFsense: I'm using m0n0 where all the features added in PFsense are not needed, because I feel (note that this is my personal feeling) M0n0 should be more stable, and because a firewall should be as light and small as possible. Sometimes the features available in PFSense have been the added value of the solution. About the substitution I'm planning: I would benefit of the PFSense added features, but I also need a very stable platform. This is why I'm investigating both the solutions. The third and last opportunity I'm keeping in my mind as an alternative (in case I'll see M0n0 and/or PFsense will not be the right solution to my problems) is to build a copule of Gentoo boxes with FWBuilder on iptables http://sourceforge.net/projects/fwbuilder This third solution gives me more flexibility, but requires more and more time to be ready and a bigger maintenance effort. Odette P.S.: I did not post the message on other places ;-) And I hope neither I will. If I will means that I spent much time on not suitable targets... and that my boss is going to be a :-) Alle 17:09, martedì 6 giugno 2006, Scott Ullrich ha scritto: > Dejavu. I just saw this exact message on the m0n0wall with > s/pfSense/m0n0wall/. > > On 6/6/06, Odette <[EMAIL PROTECTED]> wrote: > > Hi all, > > > > I need to substitute our production firewall, and I'd like to use > > PFsense which I've already successfully used for home or small office > > environments. > > > > The solution I'm going to substitute is based on Linux-iptables which > > requires more than 1000 rules. I need more than 25 static routes, and 5 > > VPNs. > > > > Furthermore, in the next future we are migrating 2 of 3 network branches > > on Gbit. > > > > I'd like to try with PFsense, but my boss (I'm sure) will kill me in the > > event I spend half a week in setting up the new PFsense and writing down > > all the rules to see that PFsense is not the right solution. > > > > Is there a rules number limit or a session number limit implemented in > > PFsense? > > > > Does somebody have some expertize in similar situations? > > > > Anybody able to supply info or suggenstions? > > > > Tanks in advance > > > > Odette
