FreeBSDNews.com

[How-To] Building a BSD home router (pt. 4-8)

By Leave a Comment

In this tutorial, user eerielinux shows us how to set up a BSD home router with pfSense and OPNsense, both open-source router/firewall OS based on FreeBSD. Follow the links below for each part of the 8 part tutorial series.

Part 1 of this article series was about why you want to build your own router, and how to assemble the APU2 that I chose as the hardware to build this on. Part 2 gave some Unix history and explained what a serial console is. Part 3 demonstrated serial access to the APU and showed how to update its firmware.

This post is about the serial installation of pfSense, one of two FreeBSD-based router/firewall operating systems that we’re going to explore in this series (the other being OPNsense). As pfSense is the older and more established product, we’re beginning with that one.

Building a BSD home router (pt. 4): Installing pfSense

This post will show how to install OPNsense, a great alternative to pfSense.

Preparation

OPNsense was forked from pfSense (more on than in the next post) and thus you will find lots of similarities if you have read the post on installing pfSense. The OPNsense team decided to move forward more quickly and did lots of interesting but invasive changes. One strong point for example is that it is already based on FreeBSD 11.0. There is one drawback to this, however: a problem with the XHCI (USB3) driver can lead to the installation media not being able to mount the filesystem and boot up. This makes installing OPNsense a little bit more complicated since the APU2 only has UBS3 ports.

Building a BSD home router (pt. 5): Installing OPNsense

A little overview: In this post I will give you some background information, compare the appearance / usability of both products and then take a look at some special features before giving a conclusion.

pfSense vs. OPNsense: Who wins?

This article is about comparing both products and helping you to make a decision. It is not terribly in-depth, because that task would require its own series of articles (and a lot more free time for me to dig much deeper into the topic). But still there’s a lot you may want to know to get a first impression on which one you should probably choose. If you do some more research and write about it, please let me know and I will happily link to your work!

Building a BSD home router (pt. 6): pfSense vs. OPNsense

 

Revisiting the initial question

In the first post I asked the question “Why would you want to build your own router?” and the answer was “because the stock ones are known to totally suck”. I have since stumbled across this news: Mcafee claims: Every router in the US is compromised. Now Mcafee is a rather flamboyant personality and every is a pretty strong statement. But I’m not such a nit-picker and in general he’s definitely right. If you have a couple of minutes, read the article and/or watch the short Youtube interview that it has embedded.

Building a BSD home router (pt. 7): Advanced OPNsense installation

 

Fixing swap

This is the last part of this series of building a BSD home router. In the previous article we did an advanced setup of OPNsense that works but is currently wasting valuable disk space. We also configured OPNsense for SSH access. Now let’s SSH in and su – to root and continue! Choose shell (menu point 8) so that we can have a look around.

Building a BSD home router (pt. 8): ZFS and jails

pfSense 2.3.4 now available

By Leave a Comment

The developers of pfSense have announced version 2.3.4. This release mainly contains stability and bug fixes. See the official announcement for a full list of changes. Download the ISO here.

We are happy to announce the release of pfSense® software version 2.3.4!

This is a maintenance release in the 2.3.x series, bringing stability and bug fixes, fixes for a few security issues, and a handful of new features. The full list of changes is on the 2.3.4 New Features and Changes page, including a list of FreeBSD and internal security advisories addressed by this release.

This release includes fixes for 24 bugs and 11 Features.

Read on for more details. May the 4th be with you.

Dashboard Updates

On the 2.3.4-RELEASE Dashboard you’ll find a few additional pieces of information: The BIOS vendor, version, and release date – if the firewall can determine them – and a Netgate Unique ID. The Netgate Unique ID is similar to a serial number, it is used to uniquely identify an instance of pfSense software for customers who want to purchase support services. For hardware sold in our store, it also allows us to tie units to our manufacturing records. This ID is consistent across all platforms (bare metal, virtual machines, and hosted/cloud instances such as AWS/Azure). We had originally intended to use the hardware serial number or the UUID generated by the operating system, but we found that these were unreliable, inconsistent, and they could change unexpectedly when the operating system was reinstalled.

Official announcement: https://www.netgate.com/blog/pfsense-2-3-4-release-now-available.html

DistroWatch: http://distrowatch.com/?newsid=09822

 

pfSense 2.3.3 RELEASE Now Available!

By Leave a Comment

The developers of pfSense have announced the official version 2.3.3 RELEASE. See the link below for the full release notes. Download here.

pfsense-logo-150x150We are happy to announce the release of pfSense® software version 2.3.3!

This is a maintenance release in the 2.3.x series, bringing numerous stability and bug fixes, fixes for a handful of security issues in the GUI, and a handful of new features. The full list of changes is on the 2.3.3 New Features and Changes page, including a list of FreeBSD and internal security advisories addressed by this release.

This release includes fixes for 101 bugs, 14 Features, and 3 Todo items.

If you haven’t yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

Official announcement: https://blog.pfsense.org/?p=2325

DistroWatch: http://distrowatch.com/?newsid=09729

pfSense: http://linux.softpedia.com/blog/freebsd-based-pfsense-2-3-3-open-source-firewall-released-with-over-100-changes-513210.shtml

OPNsense 17.1 “Eclectic Eagle” now available

By Leave a Comment

The developers of of OPNsense have made available the official release of version 17.1, dubbed “Eclectic Eagle”. You can see the full list of feature additions and changes at the official announcement below.

Hi everyone,

The OPNsense team is proud to announce the final availability of version 17.1, nicknamed “Eclectic Eagle”. This major release features FreeBSD 11.0, the SSH remote installer, new languages Italian / Czech / Portuguese, state-of-the-art HardenedBSD security features, PHP 7.0, new plugins for FTP Proxy / Tinc VPN / Let’s Encrypt, native PAM authentication against e.g. 2FA (TOTP), as well a rewritten Nano-style card images that adapt to media size to name only a few.

We would like to encourage everyone to supervise this major upgrade physically. As such, it cannot be performed from the GUI. Instead, go to the root console menu, choose option 12 and type “17.1” at the prompt. The process will download a full set of updates and reboot multiple. All operating system files and packages will be reinstalled as a consequence. This process can also be remotely triggered via SSH.

For fresh installations, images are provided with OpenSSL for 32 and 64 bit Intel architectures. The new SSH installer feature will be listening on the LAN port 192.168.1.1, give out DHCP leases to clients and can connect using the user “root” (console menu) or “installer” (the installer, of course) with the default password “opnsense”.

Mirrors

The respective checksums for the images can be found below this announcement and the direct download links from our capable mirror providers are as follows:

https://opnsense.c0urier.net/releases/17.1/ (Europe)
http://mirrors.nycbug.org/pub/opnsense/releases/17.1/ (US East Coast)
http://mirror.sfo12.us.leaseweb.net/opnsense/releases/17.1/ (US West Coast)

OPNsense 17.1 Released

Phoronix: https://www.phoronix.com/scan.php?page=news_item&px=OPNsense-17.1-Released

Discussion: https://www.phoronix.com/forums/node/928543

OPNsense 17.1-BETA now available

By Leave a Comment

The developers of OPNsense have released their BETA of version 17.1. OPNsense is an open source firewall based on FreeBSD and is also forked from pfSense. Follow the link below to try out their latest BETA release.

Dear friends and followers,

With the best wishes for the holiday season attached we hereby humbly present our 17.1-BETA images and thank everyone for their early input, valid questions and generally keeping us on our toes throughout the past months. The next major release features FreeBSD 11.0, the SSH remote installer, new languages Italian and Czech, state-of-the-art HardenedBSD security features, PHP 7.0, native PAM authentication against e.g. 2FA (TOTP), as well a rewritten Nano-style card images that adapt to the media size to name only a few.

These will be the only beta images. They are not suitable for production environments. Release candidate builds will start in January in order to provide production-ready images. Checksums can be found below this announcement. Direct download links from our capable mirror providers are as follows:

OPNsense 17.1-BETA

Softpedia: http://linux.softpedia.com/blog/freebsd-based-opnsense-17-1-operating-system-for-firewalls-routers-enters-beta-511117.shtml

pfSense 2.3.2-p1 RELEASE Now Available

By Leave a Comment

The developers of pfSense made available version 2.3.2-p1 RELEASE. Notable changes are updates to PHP, libidn, curl, libxml2, OpenSSL vulnerability fixes, HyperV, and many more. See the full release notes in the link below, and download the ISO/image files here.

pfSense
We are happy to announce the release of pfSense® software version 2.3.2-p1!

This is a maintenance release in the 2.3.x series, bringing a number of bug fixes. The full list of changes is on the 2.3.2-p1 New Features and Changes page.

This release includes fixes for 34 bugs and 2 feature items completed.

If you haven’t yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

Read the full release notes: https://blog.pfsense.org/?p=2122

Related links:

pfSense docs – 2.3.2-p1 New Features and Changes

Softpedia – First pfSense 2.3.2 Update Adds OpenSSL Security Fixes to the BSD-Based Firewall

pfSense 2.3.2 RELEASE now available

By Leave a Comment

The developers of pfSense have announced the official RELEASE of version 2.3.2. Notable changes, as noted by Softpedia, are per-user configuration options in the Dashboard, strongSwan VPN update, IPv6 various configuration support, and more. Download the new ISO or update here.

pfSenseWe are happy to announce the release of pfSense® software version 2.3.2!

This is a maintenance release in the 2.3.x series, bringing a number of bug fixes. The full list of changes is on the 2.3.2 New Features and Changes page.

This release includes fixes for 60 bugs, 8 features and 2 todo items completed.

If you haven’t yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

Official announcement: https://blog.pfsense.org/?p=2108

Related links:

DistroWatch – BSD Release: pfSense 2.3.2

Softpedia – pfSense 2.3.2 Open Source BSD Firewall Distro Arrives with over 70 Improvements

pfSense 2.3.1 RELEASE update

By Leave a Comment

An update is available as a follow up to the recently released pfSense version 2.3.1. Version 2.3.1. addressed over 100 bug fixes. See the link below to grab the latest version.

pfSense2.3.1 Update 1 (2.3.1_1) is now available. This includes one security fix to the web GUI, and 7 other bug fixes. The 2.3.1-RELEASE change list has been updated with an Update 1 section specifying the changes.

This update will reboot the system after installing.

pfSense 2.3.1 announcement: https://blog.pfsense.org/?p=2050

Update 1 announcement: https://blog.pfsense.org/?p=2068

Related links:

Softpedia – pfSense 2.3 BSD Firewall Gets Its First Major Update with over 100 Changes

DistroWatch – BSD Release: pfSense 2.3.1

pfSense 2.3.1-RELEASE now available

By Leave a Comment

The developers of pfSense have made available version 2.3.1 release. Download the update or install file. See the links in the summary for a full list of changes.

pfSenseWe are happy to announce the release of pfSense® software version 2.3.1!

This is a maintenance release in the 2.3.x series, bringing a number of bug fixes, two security fixes in the GUI, as well as security fixes for OpenSSL, OpenVPN and FreeBSD atkbd and sendmsg. The full list of changes is on the 2.3.1 New Features and Changes page.

This release includes a total of 103 bug fixes. 79 regressions in 2.3 have been fixed, mostly minor issues in the new GUI. Several of these are significant issues, and have resolved nearly all the post-upgrade problems encountered in 2.3-RELEASE. 24 issues affecting 2.2.x and prior versions have also been fixed.

If you haven’t yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

Official announcement: https://blog.pfsense.org/?p=2050

Related links:

DistroWatch – BSD Release: pfSense 2.3.1

Softpedia – pfSense 2.3 BSD Firewall Gets Its First Major Update with over 100 Changes