On Oct 19, 2005, at 6:21 PM, Edy Purnomo wrote:
i suggested to my friend to replace his linux box to openbsd.
he uses mailnly for internet gateway : pf + squid proxy
after 2 weeks later he switched it back linux and said : linux much
faster to respond the http requests (he had a same configuration on
openbsd, pf + squid proxy).
is there any program that can proof what he says ?
thanks.
Three points:
1) No way in hell is iptables faster than PF.
2) His box _may_ pass traffic faster, but this is almost certainly
due to the support level of the hardware. Without real information,
it's hard to qualify this.
3) Who cares? Why are you worried about what your friend uses? If
it works for him, so be it. Rather than trying to bring him over
"cuz PF is l33t", just make sure you mention how cool it is when your
stateful firewalls run 24x7. Oh, and when your 3.8 VPNs failover
statefully, too. :)
http://www.openbsd.org/goals.html
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
