dummynet
TM4525 at aol.com
TM4525 at aol.com
Thu Oct 28 15:39:17 PDT 2004
In a message dated 10/28/04 6:07:18 PM Eastern Daylight Time,
micheal at tsgincorporated.com writes:
>As far as being "nowhere as good as you can buy", take a WatchGuard Firebox
>X1000 for example, they're pretty popular because they work. People that use
>them always tell me they prefer them to any *Nix based solution. By that
>statement, I know they've not really looked into that unit because the
>developers plainly state that it runs on a Linux hardened kernel. It
>terminates vpn connections, both ipsec and pptp, rate limits, nats and
>firewalls. All of the very same features you can do with Linux or FreeBSD
>using the appropriate packages.
-------------------
I never said anything about the O/S not being able to do it...
"works" is a relative term. Most of the linux firewall/bwmgt boxes are just
the
same marginal stuff in the native O/S with a front end. Its better than
nothing,
but no better than dummynet, so no sense bringing them up. Allot's stuff runs
on linux, etinc's stuff runs on both linux and freebsd. So it certainly can be
done on un*x.
The problem with dummynet is that once you do all the work and figure it all
out,
its still only marginally functional compared to something relatively
inexpensive.
So instead of buying the $3500 box that is everything you need, you've spend
$800
on hardware, $2000 worth of time, and you still have something not nearly as
good.
More information about the freebsd-questions
mailing list