- Joined
- Mar 5, 2013
- Messages
- 1,824
A shame really. Especially since... didn't Netgate originally sponsor Wireguard porting work for FreeBSD?As a community we deserve better firewall options. I need to figure out my role in the future of this issue, but its certainly an important problem to be considered.
Well, I happen to think pf is the best firewall I've used (No chance in hell I'd ever use Linux iptables mess). There is always that option of just spinning up a vanilla FreeBSD machine and setting up pf manually. Actually, FreeBSD comes with not one, but THREE good firewall options. I've never used IPF, but used IPFW and pf. I like pf syntax and tooling better out of the two. Not exactly a big fan of the shell script-based IPFW.
That being said, I only run vanilla FreeBSD/pf in a transmission jail (auto-kill-switch) and not my router. I run OPNsense on the router simply cause it functions more like an "appliance" similar to how TrueNAS is. Just need to backup config file and I can restore an identical setup pretty effortlessly without any backups.
Admittedly, I do miss pfSense's feature of automatic online backup that OPNsense lacks (must have your own GitHub or file storage), but I can live with it considering the 2017 bug I mentioned before was a deal breaker for me. Netgate shadiness is also a factor, but not the deal breaker that made move to OPNsense.