by hollander 3494 days ago
On the GitHub page you could mention that the APU is quite often used to install pfSense on, which in turn runs on FreeBSD. A short explanation of why OpenBSD is better than FreeBSD can do no harm. Maybe the people who're going to do this need no such explanation, but the occasional visitor may appreciate a bit more story.
2 comments

Is there a comparison between FreeBSD and OpenBSD in packet filtering, routing performance, et al.?
Well, to the best of my understanding, FreeBSD will generally have better performance while OpenBSD has the latest pf syntax and features. This is a source of animosity between the two projects that I don't fully understand.

FreeBSD has done a lot of work to enable SMP for their pf so that gives it the edge on modern multicore systems. This work wasn't able to be used in OpenBSD so that was unique to FreeBSD for a long time. Right now OpenBSD is in the middle of doing the same for pf and their network stack. So the performance difference shrinks on every release. The newer pf syntax and features make writing rulesets easier, like replacing ALTQ with prio for traffic shaping.

Are there differences in firewall features, or is OS-level security posture the main difference?
One major drawback to OpenBSD's pf, at least from a research perspective, is its lack of extensibility. Both FreeBSD and Linux offer extensions that can come in very handy, for example a BPF matcher for packets as opposed to regular rules.