• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

pfsense 1.0 is out

It's based on FreeBSD. It's based on m0n0wall, so it has all the m0n0wall goodness, plus much more. I've been waiting on this for a long time. m0n0wall was always to featureless for me, and ipcop seems unrefined. pfsense has a clean polished interface, nicer than m0n0wall's IMO, includes a lot of features and has a packaging system to add more features.

It has snort support (not entirely certain its inline or just protecting itself, or if it's in IPS mode or IDS mode) which I've been wanting. The only caveat for me is I would like l2tp support, which it doesn't look like it has yet.
 
nice.



Originally posted by: Brazen
It's based on FreeBSD. It's based on m0n0wall, so it has all the m0n0wall goodness, plus much more. I've been waiting on this for a long time. m0n0wall was always to featureless for me, and ipcop seems unrefined. pfsense has a clean polished interface, nicer than m0n0wall's IMO, includes a lot of features and has a packaging system to add more features.

It has snort support (not entirely certain its inline or just protecting itself, or if it's in IPS mode or IDS mode) which I've been wanting. The only caveat for me is I would like l2tp support, which it doesn't look like it has yet.
Click to expand...

agreed.
 
I've been using m0n0wall for a while, what's the single most important feature that pfsense offers that you guys like?
 
Originally posted by: Joony
I've been using m0n0wall for a while, what's the single most important feature that pfsense offers that you guys like?
Click to expand...

pretty much just what I said in my previous post. If you are wanting to know more about it's features, just check out it's webpage, there are a lot of good ones.

If features is something you want, then go with pfsense, but I think the some of the developers are the same as for m0n0wall, or at least work closely with m0n0wall. The idea was to keep m0n0wall as a lightweight, simple firewall applicance, and have pfsense as sort of a m0n0wall-plus to incorporate the features and extensibility that some people are wanting.
 
I am currently running m0n0wall, the only feature I'd like to have that I currently don't is the ability to set up firewall rules based on time (to cut off Internet access on a schedule.) Anyone know if pfsense will do this?
 
Originally posted by: tbooth
I am currently running m0n0wall, the only feature I'd like to have that I currently don't is the ability to set up firewall rules based on time (to cut off Internet access on a schedule.) Anyone know if pfsense will do this?
Click to expand...

Any unix-like system should be able to do that with a little cron work.
 
Originally posted by: n0cmonkey
Originally posted by: tbooth
I am currently running m0n0wall, the only feature I'd like to have that I currently don't is the ability to set up firewall rules based on time (to cut off Internet access on a schedule.) Anyone know if pfsense will do this?
Click to expand...

Any unix-like system should be able to do that with a little cron work.
Click to expand...

there is a CLI in there...

http(or s)://serverip/exec.php 😀
 
man this is so badass...i just got my router up and running...noticing a large difference in performance already:
specs:
p3 500mhz
256mb ram
2gb WD drive
2x 10/100 nics
latest ver. of pfsense

as soon as i got it all configured...i continued an FTP upload session...and when i was previously uploading at about 60-70K..i was now doing 90+...same network usage too...now to test with torrents...thanks for the link!
 
Originally posted by: Goosemaster
Originally posted by: n0cmonkey
Originally posted by: tbooth
I am currently running m0n0wall, the only feature I'd like to have that I currently don't is the ability to set up firewall rules based on time (to cut off Internet access on a schedule.) Anyone know if pfsense will do this?
Click to expand...

Any unix-like system should be able to do that with a little cron work.
Click to expand...

there is a CLI in there...

http(or s)://serverip/exec.php 😀
Click to expand...

No one else sees a problem with running a webserver and PHP scripts on a firewall? 😕
 
Originally posted by: n0cmonkey

No one else sees a problem with running a webserver and PHP scripts on a firewall? 😕
Click to expand...

What firewall appliance _doesn't_ have a webserver with some sort of scripting interface? 😕 About your only option there would be to run a linux box with cli-only. Even Ciscos have a java-based web gui.
 
Originally posted by: tbooth
I am currently running m0n0wall, the only feature I'd like to have that I currently don't is the ability to set up firewall rules based on time (to cut off Internet access on a schedule.) Anyone know if pfsense will do this?
Click to expand...

I vaguely remember reading about this feature in pfsense.
 
Originally posted by: Brazen
Originally posted by: n0cmonkey

No one else sees a problem with running a webserver and PHP scripts on a firewall? 😕
Click to expand...

What firewall appliance _doesn't_ have a webserver with some sort of scripting interface? 😕 About your only option there would be to run a linux box with cli-only. Even Ciscos have a java-based web gui.
Click to expand...

"Everybody does it" doesn't make it a good idea. 😉
 
Originally posted by: n0cmonkey
Originally posted by: Brazen
Originally posted by: n0cmonkey

No one else sees a problem with running a webserver and PHP scripts on a firewall? 😕
Click to expand...

What firewall appliance _doesn't_ have a webserver with some sort of scripting interface? 😕 About your only option there would be to run a linux box with cli-only. Even Ciscos have a java-based web gui.
Click to expand...

"Everybody does it" doesn't make it a good idea. 😉
Click to expand...

I would disagree when it comes to sex.

Unless you need to paperbag them each time since those damn bags are expensive.
 
Originally posted by: n0cmonkey
No one else sees a problem with running a webserver and PHP scripts on a firewall? 😕
Click to expand...
Well, pretty much every home router has it and it hasn't shown too many adverse effects 😛 Probably far better than increasing the risk of user error by giving them something more complex. It's not like you'd expose it on an external interface...
 
what is this watchdog timeout error i keep getting on my two interfaces? it happens about once a day or so...i increased my states to 100k, only using ~7k...anyone know?? i wiki'd on pfsense site and didnt find anything other than upping the states
 
Originally posted by: Journer
what is this watchdog timeout error i keep getting on my two interfaces? it happens about once a day or so...i increased my states to 100k, only using ~7k...anyone know?? i wiki'd on pfsense site and didnt find anything other than upping the states
Click to expand...

What chipset is on your network cards?

Watchdog timeouts is usually either a problem with the driver or the chipset.
 
realtek and uhhh...dlink...lol ill look the nums up when iget back from class
it auto detected them...and they work...lol despite the timeouts i havent noticed any downtime
 
Originally posted by: Journer
realtek and uhhh...dlink...lol ill look the nums up when iget back from class
it auto detected them...and they work...lol despite the timeouts i havent noticed any downtime
Click to expand...

The realtek is probably an 8139, one of the worst chipsets evar. The D-Link may or may-not be an 8139. Check rl(4).
 
Originally posted by: Brazen
Originally posted by: n0cmonkey

The realtek is probably an 8139, one of the worst chipsets evar.
Click to expand...

Really? I've had great luck with a few 8139s.
Click to expand...

Yep. I've heard there have been a couple of worse ones, but I can't remember details at the moment. From what I remember about the 8139 a lot of work has to be done by the driver and host compter because the chipset is just bad.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top