Just so you know, pfSense 1.3-ALPHA is definately alpha
Posted by: Anonymous
on October 08, 2008 09:57 PM
...I mean, *really* alpha. The update this morning broke NAT... can't get much more fundamental than that. :) Despite that, it's shaping up to be a robust release.
As for TCP offloading (inlcuding 802.1Q), FreeBSD does support it, but on a driver-by-driver basis. pfSense does need a *lot* more cycles as compared to Linux/IPTables or FreeBSD/IPFW, but mainly because it's handling each packet much more heavily... for better or worse. If you're looking for an open-source embedded-style firewall that can run on very low specifications, m0n0wall or a Linux-based option might be a better choice. If you have the hardware to throw at it though, pfSense has some very competitive features. There's a reason the authors went with PF, even in light of it's CPU-hungry nature.