On Wednesday, July 17, 2013 17:00:16 Alan Jachimiak wrote: ... > But as I take a look around (googling "pfsense vs untangled" and "pfsense > vs clearos") It seems that there are a couple things people agree on: > > - untangled is bloated > - untangled requires more Hardware resources
In Untangle the main administration program (that you have to use) is a big slow quirky Java GUI. There is an occasional Java GUI that performs well, but this isn't one of them. > - ClearOS has too much eye candy > - A bunch of ClearOS users jumped ship to pfsense (and are now > satisfied) after a recent release. > > I'm okay sacrificing a *some* resources for good looks, but pfsense only * > suggests* <512MB RAM for some isolated use cases. That sounds pretty > efficient to me. So, I'm going to bite the bullet and give pfSense a try. > (pfsense.org) My current FreeNas based on FreeBSD has been OK to deal > with so, I think I've got a fighting chance. I have a friend that decided to run pfSense on an Alix 2d3 (essentially the same exact hardware that I'm running for my firewalls) and he seems to be happy. I loaded pfSense briefly on my Alix 2c3 to see what it has in comparison to Debian -- the main benefit is a web administration panel AFAIK. _For me_ Debian worked out better, but I tend to do a lot of administration via command line over ssh rather than web GUIs. On Wednesday, July 17, 2013 17:48:02 Allen wrote: > I'm okay sacrificing a /some/ resources for good looks, but pfsense only > /suggests/ <512MB RAM for some isolated use cases. That sounds pretty > efficient to me. So, I'm going to bite the bullet and give pfSense a try. > (pfsense.org[1]) My current FreeNas based on FreeBSD has been OK to > deal with so, I think I've got a fighting chance. The Alix 2d3 box my friend runs pfSense on has 256 MB of RAM onboard. Should work fine. > I'm dissatisfied with the firewall in my Westell 6100 DSL modem/router and > have thought about alternatives including pfsense. > > ISTM that a valuable Linux skill to possess is to be able to specify custom > firewall rules in the native firewall language (as opposed to using a > firewall GUI front-end). For Linux, this language is iptables. IMO, > iptables has a steep learning curve. Nevertheless, IMO the learning > investment in iptables is worthwhile. pfsense uses its own firewall > language. So this would just add to an already *huge* Linux learning burden > (iptables plus *tons* of other stuff). > > I'd be interested if anyone has any counterarguments to this. Basically (IMHO) you want to understand iptables "natively" if you can help it. Some of the GUIs around iptables rules can be nice, but they tend to go out of support after a while, or iptables gets new functionality that the GUI doesn't know how to handle. I started off using a GUI for making iptables firewall rules, but now I'm doing iptables rules "by hand". -- Chris -- Chris Knadle [email protected] _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College Aug 7 - Scripting Your World with Python Sep 4 - NoSQL and MongoDB Oct 2 - OpenFlow: Open Standard for Networking Hardware
