In the last days/weeks I've been looking for an alternative firewall solution. Looking at the impressive feature set of pfSense I thought about implementing it at a site. I have done an evaluation but I'm not quite sure if pfSense can do what I want from it. So I wanted to ask all the Spiceheads out there; perhaps someone is using it with similar requirements.
Requirements:
- Web Application Firewall: This is something which I'm missing in all other OS firewalls. I don't want to publish a whole webserver but only those files/paths which are necessary for the public. I didn't get mod_security to run and didn't find a tutourial for it. And also mod_security is only a beta.
- Proxy Server: For our internal network I want the proxy server with NTLM authentication. But I do also want to filter/log the http connections from our guest network(without NTLM but captive portal). As I noticed it's only possible to set one config for squid so is it possible to achive this?
- Also to the Proxy Server: Is it possible with squid to unblock certain websites for a group of users?
Besides pfSense I have also looked at Endian and Untangle which also look great but do lack some features which pfSense offers.