I would suggest pf, because it is very actively supported by the OpenBSD team.
For more information, see the pf section of http://daemonforums.org/showthread.php?t=108
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|