Download presentation
Presentation is loading. Please wait.
1
p f S e n s e WSULUG 2006-10-25 Matt Bailey
Theme created by Sakari Koivunen and Henrik Omma Released under the LGPL license.
2
p f S e n s e - history m0n0wall (http://m0n0.ch/wall)
Reasons for fork embedded vs. installed features of new sofware IPF vs. iptables vs. pf CARP ALTQ quick pass FreeBSD 6.1-RELEASE
3
p f S e n s e - basics Things “router” packages should do (read: NAT boxes) DHCPd aliasing NAT (rfc1918 :WAN, 1:1, proxy arp) Rules (a firewall rule is not an address translation) DNS forwarding (dnsmasq)
4
p f S e n s e – basics (cont.)
Interfaces OpenSSH (off by default) HTTPS Updating Static routes Graphing and statistics General crap you'd expect for a network device
5
p f S e n s e - shaping Fully functional shaping system
Wizard for initial setup stateful packet inspection Queues and rules
6
p f S e n s e – IPsec & VPNs GRE and IPsec fully supported OpenVPN
PPPoE PPTP stunnel (as a package)
7
p f S e n s e - clustering CARP (pfsyncd) XMLRPC Load balancing
Across interfaces Across pfsync nodes
8
p f S e n s e - wireless NAT a wireless connection (just like any other interface) HostAP (way cool feature) Atheros/madwifi based cards supported Special mode for these cards (ad-hoc, managed, HostAP) All modern security protocols useable Atheros zone range mode Can bridge with LAN to share DHCP and other resources
9
p f S e n s e – logging & stats
SNMP pftop pflog pfflowd ntop snort etc
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.