Il 02/07/2012 15:51, Jim Pingle ha scritto:
On 7/2/2012 9:38 AM, Tonix (Antonio Nati) wrote:
Too much confusion in keeping filters tables,
Switching how the entire firewall operates is also very confusing and
not likely to do what people expect -- floating rules would be much
easier to
On Wed, Jul 4, 2012 at 10:44 AM, Tonix (Antonio Nati)
to...@interazioni.it wrote:
Il 02/07/2012 15:51, Jim Pingle ha scritto:
On 7/2/2012 9:38 AM, Tonix (Antonio Nati) wrote:
Too much confusion in keeping filters tables,
Switching how the entire firewall operates is also very confusing and
I confirm too: excellent support!
Odette
--
Odette Nsaka odette.ns...@libero.it
Il giorno mar, 03/07/2012 alle 15.26 -0600, James Caldwell ha scritto:
Absolutely, some of the best support I've had for a software solution to date.
James
...
___
On 04/07/2012 11:06, Tonix (Antonio Nati) wrote:
Il 04/07/2012 11:44, Ermal Luçi ha scritto:
On Wed, Jul 4, 2012 at 10:44 AM, Tonix (Antonio Nati)
to...@interazioni.it wrote:
Il 02/07/2012 15:51, Jim Pingle ha scritto:
On 7/2/2012 9:38 AM, Tonix (Antonio Nati) wrote:
Too much confusion in
Once you have an incoming connection (first time) to, let's say from INT X
to INT Y, dest IP Z, dest port P, will these alternative rules be evaluated
in same moment or not?
- Evaluate INPUT on INT X, dest IP Z, dest port P
- Evaluate OUTPUT on INT Y, dest IP Z, dest port P
If the answer is
Il 04/07/2012 16:21, Sean Cavanaugh ha scritto:
Once you have an incoming connection (first time) to, let's say from INT X
to INT Y, dest IP Z, dest port P, will these alternative rules be evaluated
in same moment or not?
- Evaluate INPUT on INT X, dest IP Z, dest port P
- Evaluate OUTPUT on
Il 04/07/2012 15:41, Giles Coochey ha scritto:
On 04/07/2012 11:06, Tonix (Antonio Nati) wrote:
Il 04/07/2012 11:44, Ermal Luçi ha scritto:
On Wed, Jul 4, 2012 at 10:44 AM, Tonix (Antonio Nati)
to...@interazioni.it wrote:
Il 02/07/2012 15:51, Jim Pingle ha scritto:
On 7/2/2012 9:38 AM,
On Sun, Jul 1, 2012 at 3:33 PM, Chris Buechler c...@pfsense.org wrote:
The level of service we provide is on par or better than commercial
vendors. For most of our customers, much better, because commercial
vendors will rule out the firewall and tell you to have a nice day
I'll confirm that
Le 3 juil. 2012 à 21:59, Vick Khera a écrit :
On Sun, Jul 1, 2012 at 3:33 PM, Chris Buechler c...@pfsense.org wrote:
The level of service we provide is on par or better than commercial
vendors. For most of our customers, much better, because commercial
vendors will rule out the firewall and
] pfSense vs JunOS
Le 3 juil. 2012 à 21:59, Vick Khera a écrit :
On Sun, Jul 1, 2012 at 3:33 PM, Chris Buechler c...@pfsense.org wrote:
The level of service we provide is on par or better than commercial
vendors. For most of our customers, much better, because commercial
vendors will rule out
On Sun, Jul 01, 2012 at 01:14:12PM +0200, Adam Thompson wrote:
Are there any JunOS features you consider killer that are not in
pfSense 2.1? What would be these features?
Hardware offload: you can scale vertically with JunOS platforms with the
simple addition of more money, whereas an
On 1/7/2012 5:47 PM, Eugen Leitl wrote:
Are there any JunOS features you consider killer that
are not in pfSense 2.1? What would be these features?
Thanks.
A couple of features that pfSense is lacking according to me (not only
compared to SRX/JunOS though):
- Zone-based FW, to replace the
On 02/07/2012 13:41, Tonix (Antonio Nati) wrote:
I've suggested (both for pfSense and Monowall) to give the possibility
to invert the filtering directions.
In complex environment, it would be a lot more useful to apply filters
to outgoing interfaces (instead of incoming interfaces).
In this
[skipping over things I have no opinion on or answer for]
On 7/2/2012 8:29 AM, tibz wrote:
- Zone-based FW, to replace the current incoming interface based
system. Or to get the choice between both at the beginning.
This is mainly to ease the maintenance. Say I've 8 interfaces/vlans, and
1 is
On 7/2/2012 8:41 AM, Tonix (Antonio Nati) wrote:
I've suggested (both for pfSense and Monowall) to give the possibility
to invert the filtering directions.
Which you can do on floating rules. You can make floating rules in the
'out' direction. No need to alter the rest of the interface or make
Il 02/07/2012 15:32, Jim Pingle ha scritto:
On 7/2/2012 8:41 AM, Tonix (Antonio Nati) wrote:
I've suggested (both for pfSense and Monowall) to give the possibility
to invert the filtering directions.
Which you can do on floating rules. You can make floating rules in the
'out' direction. No
On 7/2/2012 9:38 AM, Tonix (Antonio Nati) wrote:
Too much confusion in keeping filters tables,
Switching how the entire firewall operates is also very confusing and
not likely to do what people expect -- floating rules would be much
easier to understand than you expect (if the list were cleaned
On 02/07/2012 14:37, Tonix (Antonio Nati) wrote:
I would be not so sure about that.
When I gave an inside look at PF, some years ago, I had the perception
filters are evaluated all together in the same place, despite they are
ingoing or outgoing. You can even mix incomin and outgoing
2012/7/1 Eugen Leitl eu...@leitl.org
Are there any JunOS features you consider killer that
are not in pfSense 2.1? What would be these features?
Thanks.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Mon, Jul 02, 2012 at 01:01:47PM +0100, Chris Bagnall wrote:
On 1/7/12 4:47 pm, Eugen Leitl wrote:
Are there any JunOS features you consider killer that
are not in pfSense 2.1? What would be these features?
'JunOS' is a fairly vague comparison point - the JunOS feature set
supported by
On 2/07/2012 15:39, Chris Bagnall wrote:
On 2/7/12 2:31 pm, Jim Pingle wrote:
No, that'll never happen. Bloating the system is never the correct
answer.
+1. I couldn't agree more.
Kind regards,
Chris
Well I was not expecting you to take the current package directly in the
installer and
On 7/2/2012 11:42 AM, tibir wrote:
I was referring to adding feature. You already have a lot of packages,
or lets call them services that are integrated into pfSense. (so they
are part of the basic, like openvpn, dhcp server, ...)There could have
been a DHCP Server package to add, but instead
Il 02/07/2012 15:51, Giles Coochey ha scritto:
On 02/07/2012 14:37, Tonix (Antonio Nati) wrote:
I would be not so sure about that.
When I gave an inside look at PF, some years ago, I had the
perception filters are evaluated all together in the same place,
despite they are ingoing or
Are there any JunOS features you consider killer that are not in
pfSense 2.1? What would be these features?
Hardware offload: you can scale vertically with JunOS platforms with the
simple addition of more money, whereas an x86-style software-only system
like pfSense will always hit
On Sun, Jul 1, 2012 at 7:14 AM, Adam Thompson athom...@athompso.net wrote:
Are there any JunOS features you consider killer that are not in
pfSense 2.1? What would be these features?
Hardware offload: you can scale vertically with JunOS platforms with the
simple addition of more money,
On Sun, Jul 1, 2012 at 11:47 AM, Eugen Leitl eu...@leitl.org wrote:
Are there any JunOS features you consider killer that
are not in pfSense 2.1? What would be these features?
I'll add a few things to Adam's list. The biggest in my opinion is a solid
cli. The webUI is not bad in pfSense
26 matches
Mail list logo
