pf (packet filter) resembles the firewall for OpenBSD. pfSense is based on pf and a gui and modified to use FreeBSD and Netgate hardware as a bundled $1K appliance.
My "first" Unix was ATT, in Cory Hall at UC Berkeley, across the hallway from the team that later produced BSD Unix. My first Unix machine was a Tektronix workstation running "UTek", then a PC running BSDI. Then Linux. I never looked back. Or watched the forks of openbsd and freebsd from bsd386. For many years, I have run a "headless" Linux firewall, using a pcEngines APU 3-port headless single-board-computer. However, pfSense running on 686-class hardware and BSD seems more secure as a firewall for a Linux cluster. J. Random Cracker must conquer two operating systems (both firewall and production machines) to pown me. That said, SUPPORTING two different operating systems increases the load average on my poor aging brain. But hey, wise choices never were my forte. So, I will attempt to configure and run pfSense preinstalled on another pcEngines APU (with spares). ----- Your snarky disparaging comments here. I can always use more. ----- Anyway ... if other PLUGers want to attempt the same approach, misery loves company. I can imagine a whitehat trial-by-combat at a Linux clinic. AFTER I make copies of the APU mSATA drives. As my chimp experimenter friends taught me, ALWAYS mount a scratch monkey. Also, pcEngines is no longer in business. If anyone else knows of a 3xGigabit 5 watt single board computer currently in production, we can play with those, too. Keith L. P.S. Rule of thumb - 8766 watt-hours, plus aircon, is about $1/year. 5 more watts for a decade is the cost of a cheap date. -- Keith Lofstrom [email protected]
