"Although Iptables gloms most of the glory, since it is the
packet filter included in the Linux kernel, there is an alternative
worth considering that is at least equally powerful, and easier to
use: pf. pf is developed and maintained on OpenBSD, but the easiest
way to get acquainted with it is by running m0n0wall.
"m0n0wall is a specialized implementation of FreeBSD + pf
designed for routers and firewalls. It weighs in at well under 10
megabytes, while still delivering a complete operating system, a
firewall, Web administration, traffic shaping services, a DNS and a
DHCP server, SNMP, support for DynDNS updates, and a whole lot
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.