pfSense

This article or the following section is not adequately provided with supporting documents ( e.g. individual evidence ). Information without sufficient evidence could be removed soon. Please help Wikipedia by researching the information and including good evidence.

pfSense is a firewall - Distribution based on the operating system FreeBSD and the packet filter pf .

Minimum system requirements

To set up version 1.2.x of pfSense on a computer, the computer must meet the following requirements: A Pentium or ARM processor with at least 100 MHz as well as 128 MB RAM and 1 GB hard disk space are required. A CD drive for the installation CD and a USB slot or floppy disk drive for loading settings are required for setup.

The minimum system requirements for pfSense are named here; these requirements change in combination with add-ons.

Origin and comparison

The distribution is a fork of the now discontinued m0n0wall project and was launched in 2004 by Chris Buechler and Scott Ullrich. m0n0wall is a firewall distribution, then based on FreeBSD-4 and ipfilter. m0n0wall is aimed at small embedded systems with few hardware resources. On PCs, m0n0wall runs directly from a CD and saves the configuration in an XML file on a floppy disk. Alternatively, m0n0wall can also run with a CF card adapter from a Flash EEPROM CF card, which is more reliable than the CD / floppy or hard disk variant.

m0n0wall is completely controlled via a web interface. The FreeBSD 4 base system is not accessible through a console. Furthermore, m0n0wall does not support a web proxy, multiprocessor systems and no load distribution.

That is the pfSense approach.

pfSense advantages compared to m0n0wall

pfSense extends the capabilities of m0n0wall and takes over the strengths such as the simple configuration via a PHP web GUI, storage of all configuration data in an XML file and FreeBSD basis.

• pfSense 2.2 supports more hardware with the FreeBSD-10.1 base than m0n0wall with the FreeBSD-8.4 base (as of February 2015).
• Instead of IPFilters comes pf used.
• In addition, more than one CPU is used on multiprocessor / multicore machines (SMP kernel).
• There is SSH access with direct shell access.
• pfSense can be expanded with many packages, for example with the web proxy ( Squid ), IDS ( Snort ) and much more. Since release 1.2.3 this is also supported on embedded (NanoBSD) systems.
• CARP
• multiple WAN connections (for easy load balancing , failover )

pfSense cons compared to m0n0wall

• pfSense needs at least 128 MB RAM, m0n0wall is designed for 64 MB.

Heartbleed bug

PfSense uses OpenSSL and was therefore also affected by the " Heartbleed " bug. This error occurred shortly after the release of version 2.1.1, which is why the update for 2.1.2 was made available on April 10, 2014.

Litigation with Deciso

In November 2017, a World Intellectual Property Organization arbitration court found that Netgate had maliciously used the opnsense.com domain to discredit OPNsense , a competing open source firewall, and ordered Netgate to sell the domain to Deciso, the Developer of OPNsense. The Netgate party tried to invoke the fair use clause , claiming that the domain name was "used on a spoof website"; this was rejected on the grounds that freedom of expression does not cover domain name registration.

Origin of name

The name pfSense is made up of the name of the packet filter used, pf and the English term sense , which is used here in the sense of "making sense of pf". This can be translated as “pf making sense”, “doing something meaningful with pf”, “getting smart out of pf”.

See also

BSD based:

• m0n0wall (discontinued)
• OPNsense
• FreeNAS

Linux based:

• IPCop (discontinued)
• IPFire

Web links

• official website
• unofficial installation guide

Individual evidence

1. ↑ pfSense 2.4.5-RELEASE now available. Retrieved March 29, 2020 . 
2. ↑ Versions of pfSense and FreeBSD. Retrieved March 29, 2020 . 
3. ↑ ^{a b} pfsense.org
4. ↑ Thompson, Jim (April 10, 2014). https://blog.pfsense.org/?p=1253
5. ↑ WIPO Domain Name Decision: D2017-1828 . WIPO. November 12, 2017. Accessed October 31, 2018.
6. ↑ Christopher M. Buechler, Jim Pingle: pfSense - The Definitive Guide to the Open Source Firewall and Router Distribution . Reed Media Services, 2009, ISBN 978-0-9790342-8-2 , p. 1.