Scott Ullrich and I attended BSDCan for the first time last year. We
were both very happy with the quality of the conference, probably for
the quality of conversations with attendees as much as, or more than the
quality of the presentations (though that's not to say they were bad,
quite the contrary!). Scott ended up presenting part of the FreeSBIE
talk, as he's a FreeSBIE committer, and I pitched in a bit there as
well. We'll definitely be attending again this year.
This year we would like to give a presentation on firewalling and the
BSD's. We're very involved with the two most popular BSD-based firewall
packages, m0n0wall and pfSense. I'm very involved with the m0n0wall
community, as a committer and most frequent contributor to the mailing
lists. Scott and I co-founded pfSense as a fork of m0n0wall, taking a
different direction with different and conflicting goals from m0n0wall
(hence the reason for the fork). But, with the type of audience at
BSDCan, we would not focus heavily on these packages.
This email is basically to get a feel for your interest in this topic.
I'll briefly outline what we're thinking about, and if you have any
interest in this, I can get you something much more detailed.
Think of this as three distinct areas of focus:
1) Current status of firewalling and the BSD's
An overview of the firewalling options with Free, Net, Open, and
DragonFly. What options are available (ipfw, ipfilter, pf, etc.), and
their level of stability and maturity on each. Provide several
reference links for each, for info on how to implement them on each OS.
2) The BSD-based firewall packages
Introduction and overview of the two major open source firewall
packages, m0n0wall and pfSense, that implement BSD firewalling
technologies, with a GUI to greatly increase the usability of the
underlying system. At least half the user base of these packages does
not use BSD in any other regard, and are not familiar much at all with
the underlying OS. Thus, they're not really the typical audience member
from what we saw at BSDCan last year, so we won't focus very heavily in
3) Firewalling best practices
Very few firewalls are implemented as tightly as they could and should
be. This part would be a discussion of firewalling best practices and
how they can be implemented using m0n0wall and pfSense (including how to
just use the GUI systems for generating rule sets for use on stand alone
speakers: Scott Ullrich, Chris Buechler
location: SITE A0150