It’s time to deploy a new FreeBSD firewall, and I thought I’d check out pf instead of my standard ipf package.
pf is written by the OpenBSD team, and was designed to replace ipf because of the licensing issues with that code not being a proper BSD license. There’s also some political issues, but I’ll leave those along.
Since the early days my office firewalls have been FreeBSD platforms. I’ve always loved the BSD platform, back from the days where I built an ISP around the BSDi package in the early 90’s.
For as long as I can remember, I’ve been using ipf (ipfilter) by Darren Reed. It became so standard that FreeBSD started including it in their releases which makes life much easier.
Read the whole article (christopher-technicalmusings.blogspot.com – 03/03/2009)