Re: [PLUG] Firewall choices for a small software development business

Use pfSense with the GUI for most use cases, which is what op found pre-installed at Amazon.

A small shop likely doesn't have the hours to dedicate to learning something obtuse, and if someone learns it no one else will be able to maintain it. pfSense GUI is a bit confusing from scratch, but once it's running any Linux user should be able to figure it out to make changes as most of the terminology is common. (e.g. src Nat and dest nat)

Lee

--
Lee Marzke. <Lmarzke@4aero.com>
Sent from phone

From: Steve Litt <slitt@troubleshooters.com>
Sent: Jul 4, 2017 12:58 PM
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] Firewall choices for a small software development business

On Tue, 4 Jul 2017 07:30:31 -0400
Rich Kulawiec <rsk@gsp.org> wrote:

> On Mon, Jul 03, 2017 at 02:40:05PM -0400, K.S. Bhaskar wrote:
> > This e-mail is to solicit opinions about a firewall.
>
> You really can't do better than OpenBSD/pf. Runs beautifully even
> on minimal hardware, has every feature of relevance, quite resilient
> even in the face of clueful attack, very customizable, open-source,
> peer-reviewed, and exhaustively documented.

The preceding is true, but OpenBSD/pf is very terse and not
recognizeably a match for what you're trying to pass or stop.

Do you know of any online documentation that outlines which commands do
what and in what order, without drowning the whole thing in a
mind-numbing sea of detail?

Thanks,

SteveT

Steve Litt
June 2017 featured book: The Key to Everyday Excellence
http://www.troubleshooters.com/key
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug