pfSense

From Wikipedia, the free encyclopedia
Jump to: navigation, search
pfSense
Pfsense logo.png
pfsense 2.1.5 screenshot
Developer Electric Sheep Fencing, LLC
OS family FreeBSD (10.1-RELEASE)
Working state Current
Source model Open source
Latest release 2.2.4 / July 27, 2015 (2015-07-27)
Platforms Intel x86, AMD64
Kernel type Monolithic kernel
License ESF (6-clause BSD-alike License)[1]
ICLA[1][2] and CCLA[1][3]
Official website www.pfsense.org

pfSense is an open source firewall/router computer software distribution based on FreeBSD.[4] It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network and is noted for its reliability[5] and offering features often only found in expensive commercial firewalls.[6][7] It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage.[6][8] pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint. pfSense supports installation of 3rd party packages like Snort or Squid through its Package Manager.

Name[edit]

The name was derived from the fact that it helps make the stateful packet-filtering tool PF (which acts as a firewall, packet filter, and routing service on many BSD and Unix platforms) make more sense to non-technical users.[9]

History[edit]

The pfSense project started in 2004 as a fork of the m0n0wall project by Chris Buechler and Scott Ullrich.[10] From the beginning, it focused on full PC installations, as opposed to m0n0wall's focus on embedded hardware. However, pfSense is also available as an embedded image for CompactFlash-based installations. Version 1.0 of the software was released on October 4, 2006.[11] Version 2.0 was released on September 17, 2011.[12] Version 2.1 was released on September 15, 2013[13] and version 2.2 was released January 23, 2015.[14][15]

Version history[edit]

Features[edit]

Install, update, packages, management
  • Live CD, update, NanoBSD/embedded, virtual machine, and USB installers available
  • Packaged support/push-button installer for extensions, including the Squid proxy server, the Snort intrusion prevention/detection system, ntop, the HAVP antivirus package, IP address blocklist'
  • Multi-language
  • Console, web-based GUI, SSH (if enabled) and serial management
  • RRD graphs reporting
  • Traffic shaping and filtering
  • Real-time information using Ajax
Functionality and connectivity
Firewall and routing
  • Stateful firewall
  • Network Address Translation
  • Filtering by source/destination IP address, protocol, OS/network fingerprinting
  • Flexible routing
  • Per-rule configurable logging and per-rule limiters (IP addresses, connections, states, new connections, state types), Layer 7 protocol inspection, policy filtering (or packet marking), TCP flag state filtering, scheduling, gateway
  • Packet scrubbing
  • Layer 2/bridging capable
  • State table "up to several hundred thousand" states (1 KB RAM per state approx)
  • State table algorithms customizable including low latency and low-dropout
Packages support

Packages available as "push button installs" among others:

Hardware[edit]

pfSense has low system requirements and can be installed on wide range of hardware with x86 and x86-64 architecture. It is also available in versions for embedded use on hardware using Compact Flash or SD cards. pfSense supports virtualized installation as well. More about hardware requirements here

Official pfSense hardware is available via pfSense store.

See also[edit]

BSD based:
Linux based:

References[edit]

  1. ^ a b c "LICENSE Copyright © 2004-2015 Electric Sheep Fencing, LLC.". www.pfsense.org. Electric Sheep Fencing LLC. Retrieved 28 June 2015. 
  2. ^ "ESF Individual Contributor License Agreement, v1.0" (PDF). www.pfsense.org. Electric Sheep Fencing LLC. Retrieved 28 June 2015. 
  3. ^ "ESF Software Grant and Corporate Con tributor License Agreement, v1.1" (PDF). www.pfsense.org. Electric Sheep Fencing LLC. Retrieved 28 June 2015. 
  4. ^ "You should be running a pfSense firewall". InfoWorld. 22 December 2014. Retrieved 27 July 2015. 
  5. ^ Danen, Vincent (December 7, 2009). "DIY pfSense firewall system beats others for features, reliability, and security". TechRepublic. If you want a high-availability and highly reliable firewall, pfSense is definitely something to seriously consider 
  6. ^ a b Miller, Sloan (June 26, 2008). "Configure a professional firewall using pfSense". Free Software Magazine (22). No experience is needed with FreeBSD or GNU/Linux to install and run pfSense 
  7. ^ Stahie, Silviu (April 7, 2014). "pfSense 2.1.1 Firewall Distro Can Replace Any Commercial Alternative". Softpedia. Firewall Distro Can Replace Any Commercial Alternative 
  8. ^ "You should be running pfsense" - Paul Venezia, InfoWorld http://www.infoworld.com/article/2861574/network-security/you-should-be-running-pfsense-firewall.html
  9. ^ Buechler, Chris (June 21, 2007). "So what does pfSense stand for/mean, anyway?". pfSense Digest. 
  10. ^ "pfSense Open Source Firewall Distribution - History". 
  11. ^ a b Ullrich, Scott (October 13, 2006). "1.0-RELEASED!". pfSense Digest. 
  12. ^ a b Buechler, Chris (September 17, 2011). "2.0-RELEASED!". pfSense Digest. 
  13. ^ a b Buechler, Chris (September 15, 2013). "pfSense 2.1-RELEASE now available!". pfSense Digest. 
  14. ^ a b Buechler, Chris (January 23, 2015). "2.2 Release now available!". pfSense Digest. 
  15. ^ http://distrowatch.com/table.php?distribution=pfsense
  16. ^ Ullrich, Scott (October 29, 2006). "1.0.1-RELEASED!". pfSense Digest. 
  17. ^ Ullrich, Scott (April 29, 2007). "1.2-BETA-1 released!". pfSense Digest. 
  18. ^ Buechler, Chris (February 25, 2008). "1.2 Release Available!". pfSense Digest. 
  19. ^ Buechler, Chris (December 26, 2008). "pfSense 1.2.1 released!". pfSense Digest. 
  20. ^ Buechler, Chris (January 9, 2009). "pfSense 1.2.2 released!". pfSense Digest. 
  21. ^ Buechler, Chris (December 10, 2009). "pfSense 1.2.3 released!". pfSense Digest. 
  22. ^ Buechler, Chris (December 20, 2011). "2.0.1 release now available!". pfSense Digest. 
  23. ^ Buechler, Chris (December 21, 2012). "2.0.2 release now available!". pfSense Digest. 
  24. ^ Buechler, Chris (April 15, 2013). "2.0.3 release now available!". pfSense Digest. 
  25. ^ Thompson, Jim (April 4, 2014). "2.1.1-RELEASE now available". pfSense Digest. 
  26. ^ Thompson, Jim (April 10, 2014). "2.1.2 Release Now available". pfSense Digest. 
  27. ^ Dillard, Jared (May 2, 2014). "2.1.3 RELEASE Now available". pfSense Digest. 
  28. ^ Dillard, Jared (June 25, 2014). "2.1.4 RELEASE Now available". pfSense Digest. 
  29. ^ Dillard, Jared (August 27, 2014). "2.1.5 RELEASE Now available". pfSense Digest. 
  30. ^ http://distrowatch.com/table.php?distribution=pfsense
  31. ^ Buechler, Chris (March 17, 2015). "2.2.1 RELEASE Now available". pfSense Digest. Retrieved 13 April 2015. 
  32. ^ Buechler, Chris (April 15, 2015). "2.2.2 RELEASE Now available!". pfSense Digest. Retrieved 15 April 2015. 
  33. ^ Buechler, Chris (June 25, 2015). "2.2.3 RELEASE Now available!". pfSense Digest. Retrieved 7 July 2015. 
  34. ^ Buechler, Chris (July 27, 2015). "2.2.4 RELEASE Now available!". pfSense Digest. Retrieved 27 July 2015. 

External links[edit]