from Hacker News

PfSense 2.2.1

by neiesc on 3/23/15, 2:07 PM with 5 comments

• by ch0wn on 3/23/15, 5:04 PM

  For those as ignorant as me, here's the Wikipedia explanation of what PfSense is:

      pfSense is an open source firewall/router computer software distribution
      based on FreeBSD. It is installed on a computer to make a dedicated
      firewall/router for a network and is noted for its reliability and offering
      features often only found in expensive commercial firewalls. It can be
      configured and upgraded through a web-based interface, and requires no
      knowledge of the underlying FreeBSD system to manage. pfSense is commonly
      deployed as a perimeter firewall, router, wireless access point, DHCP
      server, DNS server, and as a VPN endpoint.
  

  > https://en.wikipedia.org/wiki/PfSense

• by mindcrash on 3/23/15, 7:04 PM

  Do checkout OPNsense aswell. It's a PfSense fork with a (more liberal and OSI compliant) BSD license instead of one seemingly created by the org itselves, which actually was one of the reasons for the fork in the first place.

  (If I remember correctly, this was also the main reason why the main author of m0n0wall strongly advised to check this fork out in his goodbye message when the m0n0wall project closed up shop)

  https://opnsense.org/

• by wtallis on 3/23/15, 6:10 PM

  How well is the BSD world keeping up with modern QoS and queue management? A quick Google search indicates that PfSense probably has CoDel, but none of its more useful derivatives like fq_codel. And do its network drivers have or need dynamic byte queue limits as included in some drivers for Linux 3.3 and later?

  OpenWRT is doing great these days, so what's PfSense still got as its key advantages?

• by jms703 on 3/23/15, 5:01 PM

  Are they still using PF code imported from OpenBSD 4.5? That code is 6 years old and has been vastly improved over the years.