[rescue] RFA: firewall

Curtis H. Wilbar Jr. rescue at hawkmountain.net
Thu Jan 6 15:15:15 CST 2005

On Thu, 2005-01-06 at 14:27, Phil Stracchino wrote:
> I humbly request advice, opinions, whatever, from the Collective.  :)
> The hardware: Ultra5, USIIi/333, 256M, 9.1G, three 10/100 interfaces
> (the built-in hme plus a dual EEPro100), didn't really pay attention to
> what framebuffer and can't say I particularly care.
> The application: firewall between wired internal net, wireless DMZ, and
> DSL to the 'net.  Right now there'll only be one machine on the wired
> net and one on wireless, both running Win2K Pro, but real boxen running
> real OSen will be shipped out here later.
> So:
>  - Solaris 9 and Sunscreen Lite (included with 9, iirc)?

haven't played with Sunscreen...

>  - OpenBSD and PF?

OpenBSD and PF rock !  I haven't used them on Sun's but I wouldn't
expect it to be any different.  Had some issues with 'cheap' dc
interface cards (Linksys tupip clones).... causing deep hangs
or panics on x86 (I think via specific traffic)... but that is 
probably a driver/hardware thing... not a pf issue).

>  - Something else?

ipf is available for Solaris... haven't used it in Solaris, but
I've used it on OpenBSD (in the days before PF).  Not quite as
nice as PF... but still nice.

-- Curt

> What's your recommendations, and why?

