A number of pfSense developers will be flying in to Louisville from around the world to participate in the 2007 Hackthon! During this time a number of pfSense developers get together and spend most of their time hacking on pfSense, testing and many other related items.
Have you ever wasted too much time online? Right, so posting this on my blog imparts some selection bias to the answers to that question. But have you really wasted time to the point of not getting work done, or letting other things fall by the wayside?
We’re going to block some sites that sing their siren song to us, calling like the blue light inside the bug zapper. I’ll use four that friends have suggested.
Now, it’s simply no good to just cut off your access to these sites. The goal here is to get you back to work, not to make it so that you have to go find a way around an all-encompassing block to get your fix. So, we’re going to block access to problem sites during parts of the day when you think you ought not be accessing them.
This can now be easily done with pfSense
To implement this we need to break down the problem into two parts:
1. What do we want to block?
2. When do we want to block it?
Read the complete howto here.
1.2-BETA-2 has many new features and stability improvements making it the leading Open Source firewall solution. Enterprise features, rock solid stability adds up to one great release!
Here are just a few of the new improvements and features that have made their way into this new version: advanced outbound NAT fixes; UPNP now works on live CD; miscellaneous log viewing fixes; password field lengths now line up on nervecenter theme; IPSEC now works correctly on CARP interfaces out of the box; routed hosts behind a policy-routed segment can now reach the LAN interface correctly when the anti-lockout rule is enabled; pfSync and CARP now will work correctly on extremely restrictive rulesets; captive portal images fixed…
Read the rest of the release announcement for full details.
I’ve been going through all the open bug tickets cleaning up things that have been fixed and reviewing everything else to help Scott and the other developers fix the remaining issues. We’re down to about a half dozen known issues in the current RELENG_1_2 snapshots, which will hopefully all be fixed in a week or less. At that point, assuming we don’t find any other issues in the mean time, 1.2b2 will be released.As always, I can’t speculate on a release date for 1.2. That largely depends on what issues people find once 1.2b2 is out, and how much the developers’ real lives and paid work get in the way of open source work. Probably somewhere between 1-4 months from now. We’re shooting for sooner rather than later, as this release is already drastically more reliable and bug free than 1.0.1, but we also want to make sure there are no known issues in the 1.2 release.
Source: pfSense Blog
A very short comparison
Compared to m0n0wall, it (i.e. pfSense) has many many more features. That proves problematic for very basic systems, like the soekris net4501 which only has 64mb of ram. m0n0wall runs great on that platform, but pfsense requires 128MB of RAM so its a no go.
m0n0wall does have simplicity going for it, as well as security. Simplicity is nice in many ways – fewer things can go wrong, etc., and with no ssh or servers other than the webGUI which can use SSL, you’ve got a tight box – even the console is very limited.
There’s more detailed information on the differences and similarities between pfSense and M0n0wall on the FreeBSD systems page.
FreeBSD (FBSD) is an advanced Unix-like operating system developed by the FreeBSD Project. FBSD is one of the most reliable, robust and secure operating systems in the world. It is free, open source and powers some of the internet’s largest web servers, including Yahoo’s and Sony’s (more companies). Rock-solid stability and the ability to perform extremely well under heavy workloads makes this operating system a popular choice among Internet Service Providers and Web hosting companies. A cohesive userland and kernel, the ports system and regular OS upgrades are the strengths of this OS.
FreeBSD is derived from the Berkeley Software Distribution (BSD), the version of UNIX developed at the University of California at Berkeley between 1975 and 1993. FreeBSD is not a UNIX clone. Historically and technically, it has greater rights than UNIX System V to be called UNIX. Legally, it may not be called UNIX, since UNIX is now a registered trade mark of The Open Group.
FreeBSD runs on Intel processors as well as on DEC Alpha, Sun UltraSPARC processors, Itanium (IA-64) and AMD64 processors and soon on Suns Niagara servers (FreeBSD 7).
FreeBSD is an operating system that is very flexible and can therefore be used for various purposes:
- FreeBSD – (web)servers
- FreeNAS – Network Attached Storage servers
- DragonFly BSD – Powering cluster computing
- PC-BSD and DesktopBSD – Desktop
- M0n0wall and pfSense – Firewall
- Frenzy – portable system administrator toolkit
- FreeSBIE and RoFreeSBIE- Live CDs
Stability, flexibility and security are what is needed for a good operating system, and FreeBSD has them all, whether you use it on your desktop or as server. There’s an interesting article on IBM’s website “Why FreeBSD” dealing with the strong points of FreeBSD.
About 2 weeks ago the pfSense Project have released 1.2-Beta-1. This version contains a quite a number of improvements and new features, including
If you want to see how to install pfSense or how to access the web interface, check out hese two video’s here.
FreeBSD is an advanced operating system for x86 compatible (including Pentium® and Athlon), amd64 compatible (including Opteron, Athlon 64, and EM64T), UltraSPARC, IA-64, PC-98 and ARM architectures. It is derived from BSD, the version of UNIX® developed at the University of California, Berkeley. It is developed and maintained by a large team of individuals. Additional platforms are in various stages of development.
PC-BSD has been designed with the “casual” computer user in mind. Installing the system is simply a matter of a few clicks and a few minutes for the installation process to finish. Hardware such as video, sound, network and other devices will be auto-detected and available at the first system startup. Home users will immediately feel comfortable with PC-BSD’s desktop interface, with KDE 3.5 running under the hood. Software installation has also been designed to be as painless as possible, simply double-click and software will be installed.
DesktopBSD aims at being a stable and powerful operating system for desktop users. DesktopBSD combines the stability of FreeBSD, the usability and functionality of KDE and the simplicity of specially developed software to provide a system that’s easy to use and install.
m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software). m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent. m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.
pfSense is an open source firewall derived from the m0n0wall operating system platform with radically different goals such as using OpenBSD’s ported Packet Filter, FreeBSD 6.1 ALTQ (HFSC) for excellent packet queueing and finally an integrated package management system for extending the environment with new features.
FreeNAS is a free NAS (Network-Attached Storage) server, supporting: CIFS (samba), FTP, NFS, RSYNC protocols, local user authentication, Software RAID (0,1,5) with a Full WEB configuration interface. FreeNAS takes less than 32MB once installed on Compact Flash, hard drive or USB key. The minimal FreeBSD distribution, Web interface, PHP scripts and documentation are based on M0n0wall.
Freesbie is a LiveCD based on the FreeBSD Operating system, or even easier, a FreeBSD-based operating system that works directly from a CD, without touching your hard drive.
RoFreeSBIE is a Live DVD/CD installable on hark disk. Its goal is to promote FreeBSD and make it an educational tool and a mobile desktop too.
Frenzy is a “portable system administrator toolkit,” LiveCD based on FreeBSD. It generally contains software for hardware tests, file system check, security check and network setup and analysis.
More and more up-to-date information can be found on the FreeBSD systems page.