[SunHELP] buy firewall router or use SB100 and ipfilter

Steve Sandau ssandau at gwi.net
Thu Sep 10 18:12:57 CDT 2009

>> btw you're probably also better off replacing the stock solaris
>> ipfilter with darren reed's latest, from
>> http://coombs.anu.edu.au/~avalon/ if you aren't already aware.
> Another [very good] option would be OpenBSD and pf.  That's what I use
> on my firewall, currently on a U5.

I'd echo the OpenBSD suggestion. I have a SS5 and an SS4 firewalling a 
cable connection and a DSL connection. The bandwidth limitation is not 
the firewall.

I found pf to be much easier and more intuitive than iptables on Linux, 
and easier than ipf on Solaris. Additionally, OBSD is just plain hard to 


