-----Original Message----- From: Daniel Staal [mailto:DStaal@usa.net] Sent: Friday, March 12, 2010 1:37 AM To: nanog@nanog.org Subject: Re: Need advise for a linux firewall
--As of March 11, 2010 4:22:38 PM +0000, gordon b slater is alleged to have said:
One caveat for the current PFsense: traffic shaping in 1.2.3 release is somewhat borked (1.2.2 works much better) and it doesn't work with more than 2 interfaces, so 1 wan - 1 lan is OK.
--As for the rest, it is mine.
One more, given the other current thread going on at the moment: The current version of PFsense doesn't support IPv6 through the GUI. (The OS and PF support it, but you have to log in to a shell to configure it.)
That is why we use Debian with IPtables (works great, easy to manage). Deploying anything now that doesn't fully support IPv6 is something I won't do unless there is no other option (and I strongly advice everyone else to be at least IPv6 ready).
It's on their to-do list.
Daniel T. Staal
--------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --------------------------------------------------------------- Sorry, legally I am allowed to do that by local laws.
Regards, Mark