
Can't speak to FreeBSD, but I've run OpenBSD on firewalls for like 30 years, mostly because it is actually good at this, and the syntax, while changing, did so more slowly, and was more sensical to use than all of the Linux ipchains/iptables/nftables menagerie (which, I will admit, has improved - nftables isn't half bad).

It's also good from an ecosystem perspective to have a few parallel implementations of the same thing, as it avoids bugs/flaws that could affect all of a monoculture.

Also, I'd rather have something made by people who are more paranoid than me, and are driving forward Unix implementations - for example, the work done on 64-bit time_t.

It just works better for my specific use case. If you have a use case where FreeBSD works better, go for it.



