On 27 Nov 2020, at 9:29, tech-lists wrote:
What's the "best" [1] choice for firewalling these days, in the list's
opinion?
There's pf, ipf and ipfw. Which is the one being most recently
developed/updated?
I'm used to using pf, have done for over a decade. But OpenBSD's pf
has diverged a lot more from when it first came across. There seems to
be a lot more options.
Is FreeBSD's pf being actively developed still?
All three are actively maintained and grow new features from time to
time.
[1] up-to-date
See above. All three are actively maintained.
low overhead, high throughput
I believe ipfw currently performs best. I can’t rank ipf and pf,
because I’ve not seen benchmarks for ipf.
IPv6-able,
All three.
traffic shaping/queueing
Mostly ipfw, because dummynet. pf has ALTQ, but that has more
limitations than dummynet.
I think ipf doesn’t do shaping, but I may be mistaken about that.
Best regards,
Kristof
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
