This article relies excessively on references to primary sources. Please improve this by adding secondary or tertiary sources. Find sources: "PfSense" – news · newspapers · books · scholar · JSTOR (July 2018) (Learn how and when to remove this template message)
pfSense
Version of the FreeBSD operating system
PfSense logo.svg
DeveloperRubicon Communications, LLC (Netgate)
OS familyFreeBSD
Working stateCurrent
Source modelClosed source and open source
Released to
manufacturing
Oct 2006
Latest release2.6.0 (amd64) / February 14, 2022; 8 months ago (2022-02-14)[1]
Latest preview2.7.0[2]
Repository
Platforms32-bit (discontinued in 2.4.x); 64-bit Intel / AMD
Default
user interface
Web
LicenseApache License 2.0[3] applies to pfSense CE
Official websitewww.pfsense.org
Support status
Supported by the community
PfSense 2.3.2
PfSense 2.3.2

pfSense is a firewall/router computer software distribution based on FreeBSD. The open source pfSense Community Edition (CE) and pfSense Plus is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network.[4] It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage.[5][6]

Overview

The pfSense project began in 2004 as a fork of the m0n0wall project by Chris Buechler and Scott Ullrich. Its first release was in October 2006.[7] The name derives from the fact that the software uses the packet-filtering tool, PF.[8]

In February 2021, feature updates of pfSense CE 2.5.0 and pfSense Plus 21.02 included a kernel WireGuard implementation, however, following reported issues in the code by WireGuard founder Jason Donenfeld, it was discontinued in March 2021.[9][10][11] The July 2021 release of pfSense CE 2.5.2 version re-included WireGuard.[12]

Notable functions of pfSense include traffic shaping, VPNs using IPsec or PPTP, captive portal, stateful firewall, network address translation, 802.1q support for VLANs, and dynamic DNS.[13] pfSense can be installed on hardware with an x86-64 processor architecture. It can also be installed on embedded hardware using Compact Flash or SD cards, or as a virtual machine.[14]

In November 2017, a World Intellectual Property Organization panel found Netgate, the copyright holder of pfSense, utilized OPNsense' trademarks in bad faith to discredit OPNsense, and obligated Netgate to transfer ownership of a domain name to Deciso.[15]

In February 2020, a developer directly sponsored by Netgate started to commit code for a WireGuard kernel module to FreeBSD.[16] By February 2021, the module was included in pfSense CE 2.5.0, pfSense Plus 21.02,[17] and scheduled for release in FreeBSD 13.0. WireGuard founder Jason Donenfeld reviewed the code only to find glaring issues including “random sleeps added to ‘fix’ race conditions, validation functions that just returned true, catastrophic cryptographic vulnerabilities, whole parts of the protocol unimplemented, kernel panics, security bypasses, overflows, random printf statements deep in crypto code, the most spectacular buffer overflows, and the whole litany of awful things.”[18] These discoveries prompted FreeBSD and later pfSense to remove WireGuard support.[19]

In May 2021, WireGuard support was re-introduced back into pfSense CE and pfSense Plus development snapshots as an experimental package written by a member of the pfSense community, Christian McDonald. The WireGuard package for pfSense incorporates the ongoing kernel-mode WireGuard development work by Jason A. Donenfeld that was originally sponsored by Netgate.[20][21][22]

In June 2021, the official package repositories for both pfSense CE 2.5.2 and pfSense Plus 21.05 included the WireGuard package.[23]

See also

References

  1. ^ "Releases — Versions of pfSense and FreeBSD". netgate.com. Retrieved 2022-02-16.
  2. ^ pfSense Snapshot Release
  3. ^ "pfSense adopts Apache 2.0 License". Serve The Home (Loyolan Ventures, LLC). 19 June 2016.
  4. ^ Ot, Anina (2021-02-03). "6 Reasons Why You Should Be Using pfsense Firewall". MUO.
  5. ^ "You should be running a pfSense firewall". InfoWorld. 22 December 2014. Retrieved 27 July 2015.
  6. ^ Miller, Sloan (26 June 2008). "Configure a professional firewall using pfSense". Free Software Magazine (22). Archived from the original on 3 October 2011. Retrieved 27 September 2009.
  7. ^ Fields, Robert (28 October 2016). "Happy 10th Anniversary to pfSense Open Source Software". Netgate Blog.
  8. ^ Mobily, Tony (14 August 2007). "Interview with Jeff Starkweather, Chris Buechler and Scott Ullrich". Free Software Magazine. Archived from the original on 12 September 2015. Retrieved 5 May 2020.
  9. ^ Salter, Jim (2021-03-15). "In-kernel WireGuard is on its way to FreeBSD and the pfSense router". Ars Technica. Retrieved 2021-03-20.
  10. ^ "Releases — 21.02/21.02-p1/2.5.0 New Features and Changes". docs.netgate.com. Retrieved 2021-03-20.
  11. ^ Kumar, Rohit (2021-03-19). "pfSense and FreeBSD Pull Back on Kernel WireGuard Support". ServeTheHome. Retrieved 2021-03-20.
  12. ^ "pfSense CE 2.5.2-RELEASE Now Available". www.netgate.com.
  13. ^ "pfSense® CE functions".
  14. ^ "How to Install pfSense Firewall on Ubuntu and CentOS?". Geekflare. 2020-02-06.
  15. ^ "WIPO Domain Name Decision: D2017-1828". WIPO. November 12, 2017.
  16. ^ Salter, Jim (2021-03-15). "In-kernel WireGuard is on its way to FreeBSD and the pfSense router". Ars Technica. Retrieved 2021-03-20.
  17. ^ "Releases — 21.02/21.02-p1/2.5.0 New Features and Changes | pfSense Documentation". docs.netgate.com. Retrieved 2021-03-20.
  18. ^ Salter, Jim (2021-03-15). "In-kernel WireGuard is on its way to FreeBSD and the pfSense router". Ars Technica. Retrieved 2021-03-20.
  19. ^ Kumar, Rohit (2021-03-19). "pfSense and FreeBSD Pull Back on Kernel WireGuard Support". ServeTheHome. Retrieved 2021-03-20.
  20. ^ Long, Scott (2021-05-05). "pfSense: WireGuard returns as an Experimental Package". Netgate - Secure networks start here. Retrieved 2021-06-09.
  21. ^ Paxson, Audian (2021-01-19). "WireGuard for pfSense Software". Netgate - Secure networks start here. Retrieved 2021-06-09.
  22. ^ "wireguard-freebsd - WireGuard implementation for the FreeBSD kernel". git.zx2c4.com. Retrieved 2021-06-09.
  23. ^ Pingle, Jim (2021-06-02). "pfSense Plus 21.05-RELEASE Now Available". Netgate - Secure networks start here. Retrieved 2021-06-09.

Further reading