[OmniOS-discuss] Ang: Firewall in OmniOS?
Johan Kragsterman
johan.kragsterman at capvert.se
Wed Oct 19 07:33:31 UTC 2016
Hi, Bob!
-----"OmniOS-discuss" <omnios-discuss-bounces at lists.omniti.com> skrev: -----
Till: omnios-discuss at lists.omniti.com
Från: Bob Friesenhahn
Sänt av: "OmniOS-discuss"
Datum: 2016-10-19 02:47
Ärende: [OmniOS-discuss] Firewall in OmniOS?
While I do have a dedicated low-power box I can use, it came to mind
that I could use OmniOS on a more powerful Internet-facing server and
use it as the firewall for my network (screening and session-oriented
NAT). Assuming that the Internet-facing interface is sufficiently
battened down, this should provide optimum performance for other
software running on the same system while providing good security.
I know that ipfilter is available in OmniOS but have heard that it is
a bit dated when it comes to NAT.
Has anyone tried (or is it feasible) to install OpenBSD or FreeBSD
(perhaps pfSense or OPNsense) in a KVM instance (running in a zone) to
provide an effective firewall for LANs?
Yeah, I do that since several yrs with PfSense. I use it a lot, it is of great help, since it is so easy to handle and has a lot of great features.
I think I have 5 virtual interfaces on it, both strictly internal and the ones going out of the box.
You can say that whatever I handle in my infrastructure, PfSense is involved. I like fixed dhcp addressing, so most interfaces provides that.
Rgrds Johan
Bob
--
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
_______________________________________________
OmniOS-discuss mailing list
OmniOS-discuss at lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss
More information about the OmniOS-discuss
mailing list