On Mon, Apr 13, 2009 at 06:53, Lenny <[email protected]> wrote: > OpenBSD scares me a bit:)
It shouldn't, really. The initial installer dialog is awful, but once you get past it and get stuff running, it's about as smooth and seamless as any good BSD setup. For that matter, neither pf nor iptables should be scary. Like OpenBSD, they both start looking difficult but if you actually take the time to sit down and work with them you'll usually find that they "just work" the way a network admin thinks they should. Too often toolkits wrapped around them end up making them more complex than they really need to be. Don't know if pf has a similarly verbose set of documentation, but this [http://iptables-tutorial.frozentux.net/iptables-tutorial.html] piece for iptables was immensely useful for pushing me over the edge from being an iptables user to understanding iptables. > Regarding the iptables stuff, weird as it may sound - the CEO said that it > would be enough as far as he concerns. > Will something like Endian do the job? No idea, never used it. I was one of those Rainer mentioned that tried a _lot_ of tools (including commercial solutions like PIX) before coming back to pfSense. I actually found pfSense by way of m0n0, I was looking for something like it that was a bit beefier and did (at the time) HA setups. As far as whether you need a GUI is completely up to you. My CLI curve has a dip in the middle - small and huge things I want to do without a GUI, but moderate loads (like daily/weekly rule changes) make clicky-happy tools somewhat more requisite. Most DIY setups won't have the nice reporting tools and extended feature-sets that polished distros like pfSense do, but in your case your need for performance may well outstrip the need for those. RB --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
