Hi, before anything: I don't think that FreeBSD has become "behind" in this subject, but... my case is this:
At my work (300/400 users), my boss called in a guy who worked with me to improve the current network infrastructure.
So far so good.
The guy doesn't have anything against FreeBSD but always calls it Linux, even after I explained the difference to him multiple times.
Anyway, the thing is that we need to put NGFWs at some critical points of the network,
and here I think...
In the future, will FreeBSD be able to
- disassemble a TCP/UDP packet
- process it against ACLs or rules
- and reinsert it into the FW?
Some time ago I tried to do this
with PF, but the version is old compared to OpenBSD,
and the function divert-to-reply
is not in FreeBSD PF
(it is needed to reinsert the packet into PF after, for example, Snort analyzes it).
So, maybe I'm too old to accept this fact and move on,
but am I right? A FreeBSD server can't do it?
I hate putting in a closed little box instead of a server.