pfSense

pfSense
Company / developer	BSD Perimeter LLC / Chris Buechler, Scott Ullrich
OS family	BSD
Working state	Current
Source model	Open source free software
Latest stable release	2.0.3 / April 15, 2013
Latest unstable release	2.1 BETA / Daily snapshots
Supported platforms	Intel x86, Intel x64
Kernel type	Monolithic kernel
License	BSD License
Official website	http://www.pfsense.org/

pfSense is an open source firewall/router distribution based on FreeBSD. pfSense is meant to be installed on a personal computer and is noted for its reliability^[1] and offering features often only found in expensive commercial firewalls.^[2] It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage.^[2] pfSense is commonly deployed as a Perimeter Firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint.

The name was derived from the fact that it helps make the OpenBSD packet-filtering tool pf make more sense to non-technical users.^[3]

History [edit]

The pfSense project started in 2004 as a fork of the m0n0wall project by Chris Buechler and Scott Ullrich.^[4] From the beginning, it focused on full PC installations, as opposed to m0n0wall's focus on embedded hardware. However, pfSense is also available as an embedded image for CompactFlash-based installations. Version 1.0 of the software was released on October 4, 2006.^[5] Version 2.0 was released on September 17, 2011.^[6]

Features [edit]

Install, update, packages, management	Live CD, update, NanoBSD/embedded, virtual machine, and USB installers available Packaged support/push-button installer for extensions, including the Squid proxy server, the Snort intrusion prevention/detection system, ntop, the HAVP antivirus package, IP blocklists, and the FreeSWITCH^[7] telephony platform Multi-language Console, web-based GUI, SSH (if enabled) and serial management RRD graphs reporting Traffic shaping and filtering Real-time information using Ajax
Functionality and connectivity	Virtual Private Networks using IPsec, L2TP, OpenVPN, or PPTP PPPoE server High availability clustering; redundancy and failover including CARP and pfsync Outbound and inbound load balancing Quality of Service (QoS) Dynamic DNS Captive portal uPnP Multi-WAN VLAN (802.1q) DHCP server and relay IPv6 support (in v2.1 beta) Multiple public IPs/multi-NAT RADIUS/LDAP Multiple resolvers (DNS forwarder, unbound, TinyDNS, other) Aliases supported for rules, IPs, ports, computers, and other entities
Firewall and routing	Stateful firewall Network Address Translation Filtering by source/destination IP, protocol, OS/network fingerprinting Flexible routing Per-rule configurable logging and per-rule limiters (IPs, connections, states, new connections, state types), Layer 7 protocol inspection, policy filtering (or packet marking), TCP flag state filtering, scheduling, gateway Packet scrubbing Layer 2/bridging capable State table "up to several hundred thousand" states (1KB RAM per state approx) State table algorithms customizable including low latency and low-dropout

Packages available as "push button installs" (as at March 2013) include: - Asterisk, Apache with mod-security, FreeSWITCHG (Voice over IP), jail, LCD panel support, spamd email tarpit, nmap, stunnel, Varnish accelerator, Multiple monitoring and statistics packages, file managers.

Hardware [edit]

Although the focus of pfSense development is on full-PC installation, a version is provided targeted for embedded use, and many companies produce embedded systems specifically designed to run pfSense.^[8]^[9]^[10]^[11]^[12]

References [edit]

^ Danen, Vincent (December 7, 2009). "DIY pfSense firewall system beats others for features, reliability, and security". TechRepublic. "If you want a high-availability and highly reliable firewall, pfSense is definitely something to seriously consider"
^ ^a ^b Miller, Sloan (June 26, 2008). "Configure a professional firewall using pfSense". Free Software Magazine (22). "No experience is needed with FreeBSD or GNU/Linux to install and run pfSense"
^ Buechler, Chris (June 21, 2007). "So what does pfSense stand for/mean, anyway?". pfSense Digest.
^ "pfSense Open Source Firewall Distribution - History".
^ Ullrich, Scott (October 13, 2006). "1.0-RELEASED!". pfSense Digest.
^ Buechler, Chris (September 17, 2011). "2.0-RELEASED!". pfSense Digest.
^ pfSense's FreeSWITCH
^ "pfSense Firewall".
^ "OPNsense - pfsense firewall appliances".
^ "StrongBochs pfSense features".
^ "pfSense firewall Kit".
^ "pfSense embedded and UTM appliance firewall italian Kit".

External links [edit]

Official website

[1] Danen, Vincent (December 7, 2009). "DIY pfSense firewall system beats others for features, reliability, and security". TechRepublic. "If you want a high-availability and highly reliable firewall, pfSense is definitely something to seriously consider"

[fsm-2] Miller, Sloan (June 26, 2008). "Configure a professional firewall using pfSense". Free Software Magazine (22). "No experience is needed with FreeBSD or GNU/Linux to install and run pfSense"

[3] Buechler, Chris (June 21, 2007). "So what does pfSense stand for/mean, anyway?". pfSense Digest.

[4] "pfSense Open Source Firewall Distribution - History".

[5] Ullrich, Scott (October 13, 2006). "1.0-RELEASED!". pfSense Digest.

[6] Buechler, Chris (September 17, 2011). "2.0-RELEASED!". pfSense Digest.

[7] Sense's FreeSWITCH

[8] "pfSense Firewall".

[9] "OPNsense - pfsense firewall appliances".

[10] "StrongBochs pfSense features".

[11] "pfSense firewall Kit".

[12] "pfSense embedded and UTM appliance firewall italian Kit".

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

pfSense

Contents

History [edit]

Features [edit]

Hardware [edit]

See also [edit]

References [edit]

External links [edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Interaction

Toolbox

Print/export

Languages