Possible convert. Please help me justify this madness.

kpa · Apr 26, 2013

OpenBSD's pf has a different (IMO better) syntax than FreeBSD's pf(4), the differences aren't that big though. There are also some differences in the network stacks. For example with FreeBSD's pf it's not possible to re-route traffic originating on the host itself without using tricks like setfib(1), in OpenBSD I believe it's possible with just pf rules.

I did toy around with OpenBSD 5.2 for a brief moment but got turned off when I found out that the project is still using CVS for version control. Also the website looks like a blast from the pre year 2000 past.

mix_room · Apr 26, 2013

kpa said:
OpenBSD's pf has a different (IMO better) syntax than FreeBSD's pf(4), the differences aren't that big though. There are also some differences in the network stacks. For example with FreeBSD's pf it's not possible to re-route traffic originating on the host itself without using tricks like setfib(1), in OpenBSD I believe it's possible with just pf rules.

Probably due to the fact that the verson of pf included with FreeBSD is not as new as the one in OpenBSD. If I remember correctly the change in syntax was the reason it wasn't included.

I did toy around with OpenBSD 5.2 for a brief moment but got turned off when I found out that the project is still using CVS for version control. Also the website looks like a blast from the pre year 2000 past.

You should probably also note that their 'rack' also looks quite 'unprofessional': http://www.openbsd.org/images/rack2009.jpg. Despite this they manage to put out a good product.

shepper · Apr 26, 2013

mix_room said:
Probably due to the fact that the verson of pf included with FreeBSD is not as new as the one in OpenBSD. If I remember correctly the change in syntax was the reason it wasn't included.

You should probably also note that their 'rack' also looks quite 'unprofessional': http://www.openbsd.org/images/rack2009.jpg. Despite this they manage to put out a good product.

I think that 2009 photo is from Theo de Raadt basement. I remember reading that his monthly electric bill was around $600. The main server has since migrated to the University of Alberta

cbrace · Apr 26, 2013

I'd be tempted by PC-BSD were it not for the fact that it is highly KDE-centric, and I prefer GNOME, although I understand from the comments above that GNOME isn't easy to maintain for FreeBSD. Though I'm not proud of saying so here, I run Fedora on my desktop box and Linux Mint on my laptop, simply because I want to have Skype and Flash. Some day I hope...

wblock@ · Apr 26, 2013

PC-BSD actually gives a choice of four desktop environments, KDE, GNOME, Xfce, and LXDE.

cbrace · Apr 26, 2013

Thanks @wblock@, didn't know that. When I last looked at it some years ago it wasn't obvious that GNOME was a viable option. Time for another look I think.

shepper · Apr 27, 2013

wblock@ said:
PC-BSD actually gives a choice of four desktop environments, KDE, Gnome, xfce, and lxde.

Although if you look closer, if you go with PC-BSD rolling release, you get KDE 4.10 while GNOME is still at 2.32. The opposite is true with OpenBSD. KDE is at 3.5.10 while GNOME is at 3.6 in the soon to be released OpenBSD 5.3. Both FreeBSD/OpenBSD have newer versions of the respective desktops in testing.

The version of Xfce is the same in both and IMHO the code quality and the conformity of Xfce to the BSD's is a strong reason to use it.

ta0kira · Apr 27, 2013

kpa said:
For example with FreeBSD's pf it's not possible to re-route traffic originating on the host itself without using tricks like setfib(1), in OpenBSD I believe it's possible with just pf rules.

It also seems like you can't filter traffic between address aliases with pf, e.g. between jails, at least in my limited experience.

Kevin Barry