Author Archive

OpenVPN client now available on Apple iOS!

Friday, January 18th, 2013

Great news for many pfSense users today, as OpenVPN Technologies in collaboration with Apple have released an OpenVPN client for iOS.

Within hours of its release, Jim Pingle updated our OpenVPN Client Export package’s inline export option to be compatible with iOS (and retaining its Android compatibility). The inline export is available for 2.0.x and 2.1 versions. Upgrade your package under System>Packages to the latest version and use the inline export option, which can be imported into the iOS client via iTunes amongst other methods. I had my iPhone connected to OpenVPN within 5 minutes, it’s a quick, easy process.

Our thanks to OpenVPN Technologies and Apple for making this happen!

2.0.2 Release Now Available!

Friday, December 21st, 2012

pfSense 2.0.2 is a maintenance release with some bug and security fixes since 2.0.1 release. You can upgrade from any previous release to 2.0.2.

Heads up for those upgrading

Auto Update URL – For those upgrading from a prior release, first please make sure you’re on the correct auto-update URL. Tens of thousands of installs were from 2.0 pre-release snapshots which had their update URL set to the snapshot server rather than the stable release updates. Others had manually set their architecture incorrectly at some point and had failed upgrades because of it. Just browse to System>Firmware, Updater Settings tab. From the “Default Auto Update URLs” drop down box, pick either the stable i386 or amd64 depending on which version you have installed, and click Save. Then you can use the auto-update and be ensured you’re pulling from the correct location.
Read the rest of this entry »

FreeBSD Foundation Year-End Fundraising Campaign

Monday, December 10th, 2012

The FreeBSD Foundation has put out their year-end fundraising campaign. The FreeBSD Foundation sponsors development of the underlying OS that pfSense is based on. We made a donation as we do every year, and we encourage our users to do the same. They are a 501(c)3 non-profit organization, so US contributors may be able to deduct contributions on their taxes.

pfSense could also use your direct donations to fund general expenses, project development and needed equipment. You can donate directly to us here, though note we’re not a 501(c)3.

2.1 Tutorial at EuroBSDCon 2012

Thursday, August 2nd, 2012

Ermal and I will be doing a full day pfSense 2.1 tutorial at EuroBSDCon 2012, October 18 in Warsaw, Poland. Registration has just opened. This will be a training-focused session, going through many of the features common to every version, covering changes in 2.1, with focus on IPv6 in each portion of the system.

pfSense at Texas Linux Fest 2012

Sunday, July 15th, 2012

I will be presenting on pfSense 2.1 and IPv6 at Texas Linux Fest, August 3-4 in San Antonio. We’ll also have a table in the exhibition area where I’ll be camped out most of both days talking to users, so if you’re in the area, stop by! Our friends at Netgate are providing an ALIX we’ll be giving away. Look forward to meeting many of you there.

Happy World IPv6 Launch Day!

Wednesday, June 6th, 2012

Today is World IPv6 Launch day, when many major websites have permanently added AAAA records to make their sites accessible via IPv6. All our sites have been IPv6-enabled (on native connectivity thanks to bluegrass.net) since last year, running behind pfSense 2.1. Many others are using the current snapshots in production networks.

We’d hoped to have 2.1 released in time for today, but getting to the point we consider full IPv6 support has taken far more work than anticipated. As has become the norm for us over the last several years, we do much more than put a GUI on things, having to implement and/or fix things in the underlying software to meet the needs of our users. There was far more to implement and fix in the underlying software than we anticipated. We have the last major piece addressed this week with CARP IPv6 support now functional. We’re just validating things at this point and fixing some last issues, with the official release coming roughly in the next 1-2 months.

IPv6 isn’t yet a critical need for most every network, but it will be getting to that point quickly. I know many IT professionals have been ignoring it, but it’s time to get up to speed for those who haven’t yet. I encourage everyone to at least start experimenting with it at home if you haven’t yet. For the bulk of us who don’t have an option for native IPv6 at home, our Using IPv6 on 2.1 with a Tunnel Broker document will get you going.

2.0.1 release now available!

Tuesday, December 20th, 2011

pfSense 2.0.1 release is now available. This is a maintenance release with some bug and security fixes since 2.0 release. This is the recommended release for all installations. As always, you can upgrade from any previous release to 2.0.1, so if you haven’t upgraded to 2.0 yet, just upgrade straight to 2.0.1. For those who use the built in certificate manager, pay close attention to the notes below on a potential security issue with those certificates.

Change list

Read the rest of this entry »

7 year anniversary of pfSense

Saturday, November 5th, 2011

7 years ago today, the name pfSense was settled on, and pfsense.org/com/net domains were registered. It’s grown from the volunteer efforts of a handful of people, to one of the most widely used platforms in the world, with a whole team of people making a living working on the project thanks to our support and reseller customers. Thanks to everyone who makes the project possible, and here’s to the next 7 years and beyond!

pfSense exceeds 100,000 known live installs

Wednesday, November 2nd, 2011

One of the common questions we get is how many installs are out there. While we don’t have any means of definitively knowing, we do have one metric that can be counted. Each month every system updates its IPv4 bogons list once, pulling from one of our servers. By counting the number of unique public IPs using FreeBSD’s fetch to pull that file within one calendar month, we know how many live installs are out there that have Internet connectivity at least.

October 2011 is the first month that number has exceeded 100,000, with a total of 103,137. We’re adding 3000 net new installs on average every month in 2011, with over 4000 additional installs in October.

This under-counts the total for several reasons:

1. Only versions from November 2008 and newer pull this file from our servers, so it does not include older versions. While I expect the vast majority are on newer versions than that, we routinely encounter systems running versions that old and much older.
2. Some systems do not have DNS configured and hence cannot fetch the update.
3. Some systems are on private internal networks that cannot reach the Internet.
4. Some networks have multiple systems that go out from a single public IP, which we only count once.

No telling how many total installs are actually out there, but it’s definitely in excess of 103,000.

Thanks to all our users for helping us reach this significant milestone!

Hackathon 2011 / EuroBSDCon wrap up

Thursday, October 20th, 2011

Thanks to many of you who contributed to our hackathon fund. It was a great success. We had 6 developers together here in Louisville. The primary areas of focus were 2.1 development, in the following areas.

  • Moving packages to PBIs – the package system in 2.1 will switch to using the PBI package system, originally from PC-BSD, though also used by some on stock FreeBSD installs. The benefit of using PBIs is each package has all its dependencies included in the package, which eliminates the dependency messes that can happen currently, such as one package requiring a certain version of a dependent package but another requiring a different version, uninstallation of one package stomping on another package by uninstalling a dependency it requires, uninstallation of a package breaking the base system by deleting things it uses (though we already work around that one automatically), easing clean uninstall of packages, amongst other benefits. This will be a great improvement in the package system for 2.1.
  • Read the rest of this entry »