Difference between revisions of "Comparison"

From securityrouter.org, an OpenBSD-based firewall
Jump to: navigation, search
Line 47: Line 47:
 
|-
 
|-
 
| Firewall rules || [[IPv6|Dual-stack]] || Rule duplication || Rule duplication || Rule duplication || Rule duplication
 
| Firewall rules || [[IPv6|Dual-stack]] || Rule duplication || Rule duplication || Rule duplication || Rule duplication
 +
|-
 +
| Layer-3 translation (eg. NAT64) || [[IPv6|Yes]] || No || No || No || No
 
|-
 
|-
 
! Others !! !! !! !! !!
 
! Others !! !! !! !! !!

Revision as of 11:57, 10 October 2012

Halon 3.0-p17 pfSense 2.0.1 m0n0wall 1.33  Vyatta 6.4 Mikrotik 5.20
Platform OpenBSD 5.0 FreeBSD 8.1 FreeBSD 6.4 Linux 3.0.23 Linux 2.6
Firewall PF (2011) PF (2007) ipfilter iptables iptables
Architecture Intel 32/64-bit Intel 32/64-bit Intel 32-bit Intel 32-bit Intel 32-bit
Management
Config format Clear-text XML XML Clear-text Semi-clear-text
Restore/rollback without reboot Yes No No No No
Test/confirm without reboot Yes No No No No
Revision-managed config Yes (Subversion) Yes (files) No Yes (file rotation) No
Commit multiple changes Yes No No Yes No
CLI config editor Yes No No Yes Yes
API SOAP No No REST Custom
VPN server
L2TP Yes Yes No Yes Yes
PPTP NAT passthrough Yes No No Yes (iptables) Yes (iptables)
DNS suffix in PPTP/L2TP Yes No No No No
Client routes in PPTP/L2TP Yes No No No No
Filter-ID for RADIUS Yes No No No Yes
Routing
MPLS Yes (PE/VPN) No No No Yes
Built-in OSPF/BGP Yes (OpenBGP/OSPFD) No No Yes (Quagga) Yes
BGP TCP-MD5 Yes No No Yes Yes
IPv6
Firewall rules Dual-stack Rule duplication Rule duplication Rule duplication Rule duplication
Layer-3 translation (eg. NAT64) Yes No No No No
Others
Layer 7 load balancing Yes No No No ?