pfSense

pfSense: Version of the FreeBSD operating system
Screenshot: The main dashboard of pfSense 2.7.0-DEVELOPMENT
Developer: Rubicon Communications, LLC (Netgate)
OS family: FreeBSD
Working state: Current
Source model: Closed source and open source
Released to manufacturing: Oct 2006
Latest release:
  • Community Edition: 2.7.1 (amd64) / November 16, 2023 [1]
  • Plus: 23.09 / November 6, 2023 [1]
Platforms: 32-bit (discontinued in 2.4.x); 64-bit Intel / AMD
Default user interface: Web
License: Apache License 2.0 [2] (Applies to pfSense CE)
Official website: pfsense.org
Support status:
  • Supported by the community
  • Paid commercial support


pfSense is a firewall/router computer software distribution based on FreeBSD. The open source pfSense Community Edition (CE) and pfSense Plus are installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network. [3] It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage. [4] [5]

Overview

The pfSense project began in 2004 as a fork of the m0n0wall project by Chris Buechler and Scott Ullrich. Its first release was in October 2006. [6] The name derives from the fact that the software uses the packet-filtering tool, PF. [7]

Notable functions of pfSense include traffic shaping, VPNs using IPsec or PPTP, captive portal, stateful firewall, network address translation, 802.1q support for VLANs, and dynamic DNS. [8] pfSense can be installed on hardware with an x86-64 processor architecture. It can also be installed on embedded hardware using Compact Flash or SD cards, or as a virtual machine. [9]

WireGuard protocol support

In February 2021, pfSense CE 2.5.0 and pfSense Plus 21.02 added support for a kernel WireGuard implementation. Support for WireGuard was temporarily removed in March 2021 after implementation issues were discovered by WireGuard founder Jason Donenfeld. [10] [11] [12] The July 2021 release of pfSense CE 2.5.2 re-included WireGuard. [13]

Related Research Articles

A network operating system (NOS) is a specialized operating system for a network device such as a router, switch or firewall.

PF is a BSD licensed stateful packet filter, a central piece of software for firewalling. It is comparable to netfilter (iptables), ipfw, and ipfilter.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

IPFilter is an open-source software package that provides firewall services and network address translation (NAT) for many Unix-like operating systems. The author and software maintainer is Darren Reed. IPFilter supports both IPv4 and IPv6 protocols, and is a stateful firewall.

m0n0wall was an embedded firewall distribution of FreeBSD, one of the BSD operating system descendants. It provides a small image which can be put on Compact Flash cards as well as on CD-ROMs and hard disks. It runs on a number of embedded platforms and generic PCs. The PC version can be run with just a Live CD and a floppy disk to store configuration data, or on a single Compact Flash card. This eliminates the need for a hard drive, which reduces noise and heat levels and decreases the risk of system failure through elimination of moving parts found in older hard drives.

Smoothwall is a Linux distribution designed to be used as an open source firewall. Smoothwall is configured via a web-based GUI and requires little or no knowledge of Linux to install or use.

ALTQ is the network scheduler for Berkeley Software Distribution. ALTQ provides queueing disciplines, and other components related to quality of service (QoS), required to realize resource sharing. It is most commonly implemented on BSD-based routers. ALTQ is included in the base distribution of FreeBSD, NetBSD, and DragonFly BSD, and was integrated into the pf packet filter of OpenBSD but later replaced by a new queueing subsystem.

There are a number of Unix-like operating systems based on or descended from the Berkeley Software Distribution (BSD) series of Unix variant options. The three most notable descendants in current use are FreeBSD, OpenBSD, and NetBSD, which are all derived from 386BSD and 4.4BSD-Lite, by various routes. Both NetBSD and FreeBSD started life in 1993, initially derived from 386BSD, but in 1994 migrated to a 4.4BSD-Lite code base. OpenBSD was forked from NetBSD in 1995. Other notable derivatives include DragonFly BSD, which was forked from FreeBSD 4.8, and Apple Inc.'s iOS and macOS, with its Darwin base including a large amount of code derived from FreeBSD.

In the context of free and open-source software, proprietary software only available as a binary executable is referred to as a blob or binary blob. The term usually refers to a device driver module loaded into the kernel of an open-source operating system, and is sometimes also applied to code running outside the kernel, such as system firmware images, microcode updates, or userland programs. The term blob was first used in database management systems to describe a collection of binary data stored as a single entity.

FreeBSD: Free and open-source Unix-like operating system

FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD). The first version of FreeBSD was released in 1993 developed from 386BSD and the current version runs on x86, ARM, PowerPC and RISC-V processors. The project is supported and promoted by the FreeBSD Foundation.

Tinc is an open-source, self-routing, mesh networking protocol and software implementation used for compressed and encrypted virtual private networks. It was started in 1998 by Guus Sliepen, Ivo Timmermans, and Wessel Dankers, and released as a GPL-licensed project.

OpenBSD: Operating system

OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. The OpenBSD project emphasizes portability, standardization, correctness, proactive security, and integrated cryptography.

Junos OS: Real-time operating system (RTOS) software

Junos OS is a FreeBSD-based network operating system used in Juniper Networks routing, switching and security devices.

The Data Plane Development Kit (DPDK) is an open source software project managed by the Linux Foundation. It provides a set of data plane libraries and network interface controller polling-mode drivers for offloading TCP packet processing from the operating system kernel to processes running in user space. This offloading achieves higher computing efficiency and higher packet throughput than is possible using the interrupt-driven processing provided in the kernel.

The History of the Berkeley Software Distribution begins in the 1970s.

OPNsense: Firewall distribution

OPNsense is an open source, FreeBSD-based firewall and routing software developed by Deciso, a company in the Netherlands that makes hardware and sells support packages for OPNsense. It is a fork of pfSense, which in turn was forked from m0n0wall built on FreeBSD. It was launched in January 2015. When m0n0wall closed down in February 2015 its creator, Manuel Kasper, referred its developer community to OPNsense.

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs), and was designed with the goals of ease of use, high speed performance, and low attack surface. It aims for better performance and more power than IPsec and OpenVPN, two common tunneling protocols. The WireGuard protocol passes traffic over UDP.

Router software requires updating to stay secure; this comparison provides an overview of third-party options.

References

  1. "Releases — Versions of pfSense and FreeBSD". netgate.com. Retrieved 2023-11-24.
  2. "pfSense adopts Apache 2.0 License". Serve The Home (Loyolan Ventures, LLC). 19 June 2016.
  3. Ot, Anina (2021-02-03). "6 Reasons Why You Should Be Using pfsense Firewall". MUO.
  4. "You should be running a pfSense firewall". InfoWorld. 22 December 2014. Retrieved 27 July 2015.
  5. Miller, Sloan (26 June 2008). "Configure a professional firewall using pfSense". Free Software Magazine (22). Archived from the original on 3 October 2011. Retrieved 27 September 2009.
  6. Fields, Robert (28 October 2016). "Happy 10th Anniversary to pfSense Open Source Software". Netgate Blog.
  7. Mobily, Tony (14 August 2007). "Interview with Jeff Starkweather, Chris Buechler and Scott Ullrich". Free Software Magazine. Archived from the original on 12 September 2015. Retrieved 5 May 2020.
  8. "pfSense® CE functions".
  9. "How to Install pfSense Firewall on Ubuntu and CentOS?". Geekflare. 2020-02-06.
  10. Salter, Jim (2021-03-15). "In-kernel WireGuard is on its way to FreeBSD and the pfSense router". Ars Technica. Retrieved 2021-03-20.
  11. "Releases — 21.02/21.02-p1/2.5.0 New Features and Changes". docs.netgate.com. Retrieved 2021-03-20.
  12. Kumar, Rohit (2021-03-19). "pfSense and FreeBSD Pull Back on Kernel WireGuard Support". ServeTheHome. Retrieved 2021-03-20.
  13. "pfSense CE 2.5.2-RELEASE Now Available". www.netgate.com.
