-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Vieri Sent: Saturday, September 15, 2012 6:59 PM To: pfSense support and discussion Subject: Re: [pfSense] pfSense features
Thanks everyone for your feedback on such a general question. I must say that pfSense is truely impressive and has almost everything you need for an advanced firewall/gateway. It can also be extended and used to serve non-firewall apps such as VoIP and more. In any case and despite what firewall purists may say, I suppose you can install whatever the underlying FreeBSD system allows you to, just as long as you manually configure it via shell (is this true or has pfSense changed the directory structure, the init system or any other aspect?). However, has pfSense forked so much from FreeBSD to the extent that applying its patches is a draconian task? I have no idea but I'm supposing that most patches are for the kernel. If so, why haven't they been accepted upstream? Anyway, thanks for the great software and I hope it will go smoothly on my first production setup. Vieri _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list short answer, pfSense has been performance tuned to be a firewall/router first, and network services second. These changes don't necessarily mean an improvement across the board. For the changes to be accepted upstream, they would have to improve the system as a whole, meaning not going to be a detriment on a different style of system. Tuning network settings and drivers to support running a more robust firewall may actually cause system services such as apache or SQL servers to NOT perform correctly or crash. Aka. The more you tune it to do one thing, expect it to do another less efficiently. For the long answer, please read thru the bug tracker and review all the kernel level changes that have gone into the system. The modifications to pf as a service HAVE been rolled back into FreeBSD core as much as possible. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
