Main container

Author Archive

2.0.2 Release Now Available!

pfSense 2.0.2 is a maintenance release with some bug and security fixes since 2.0.1 release. You can upgrade from any previous release to 2.0.2.

Heads up for those upgrading

Auto Update URL – For those upgrading from a prior release, first please make sure you’re on the correct auto-update URL. Tens of thousands of installs were from 2.0 pre-release snapshots which had their update URL set to the snapshot server rather than the stable release updates. Others had manually set their architecture incorrectly at some point and had failed upgrades because of it. Just browse to System>Firmware, Updater Settings tab. From the “Default Auto Update URLs” drop down box, pick either the stable i386 or amd64 depending on which version you have installed, and click Save. Then you can use the auto-update and be ensured you’re pulling from the correct location.
Read the rest of this entry »

FreeBSD Foundation Year-End Fundraising Campaign

The FreeBSD Foundation has put out their year-end fundraising campaign. The FreeBSD Foundation sponsors development of the underlying OS that pfSense is based on. We made a donation as we do every year, and we encourage our users to do the same. They are a 501(c)3 non-profit organization, so US contributors may be able to deduct contributions on their taxes.

pfSense could also use your direct donations to fund general expenses, project development and needed equipment. You can donate directly to us here, though note we’re not a 501(c)3.

Happy World IPv6 Launch Day!

Today is World IPv6 Launch day, when many major websites have permanently added AAAA records to make their sites accessible via IPv6. All our sites have been IPv6-enabled (on native connectivity thanks to bluegrass.net) since last year, running behind pfSense 2.1. Many others are using the current snapshots in production networks.

We’d hoped to have 2.1 released in time for today, but getting to the point we consider full IPv6 support has taken far more work than anticipated. As has become the norm for us over the last several years, we do much more than put a GUI on things, having to implement and/or fix things in the underlying software to meet the needs of our users. There was far more to implement and fix in the underlying software than we anticipated. We have the last major piece addressed this week with CARP IPv6 support now functional. We’re just validating things at this point and fixing some last issues, with the official release coming roughly in the next 1-2 months.

IPv6 isn’t yet a critical need for most every network, but it will be getting to that point quickly. I know many IT professionals have been ignoring it, but it’s time to get up to speed for those who haven’t yet. I encourage everyone to at least start experimenting with it at home if you haven’t yet. For the bulk of us who don’t have an option for native IPv6 at home, our Using IPv6 on 2.1 with a Tunnel Broker document will get you going.

2.0.1 release now available!

pfSense 2.0.1 release is now available. This is a maintenance release with some bug and security fixes since 2.0 release. This is the recommended release for all installations. As always, you can upgrade from any previous release to 2.0.1, so if you haven’t upgraded to 2.0 yet, just upgrade straight to 2.0.1. For those who use the built in certificate manager, pay close attention to the notes below on a potential security issue with those certificates.

Change list

Read the rest of this entry »

7 year anniversary of pfSense

7 years ago today, the name pfSense was settled on, and pfsense.org/com/net domains were registered. It’s grown from the volunteer efforts of a handful of people, to one of the most widely used platforms in the world, with a whole team of people making a living working on the project thanks to our support and reseller customers. Thanks to everyone who makes the project possible, and here’s to the next 7 years and beyond!

pfSense exceeds 100,000 known live installs

One of the common questions we get is how many installs are out there. While we don’t have any means of definitively knowing, we do have one metric that can be counted. Each month every system updates its IPv4 bogons list once, pulling from one of our servers. By counting the number of unique public IPs using FreeBSD’s fetch to pull that file within one calendar month, we know how many live installs are out there that have Internet connectivity at least.

October 2011 is the first month that number has exceeded 100,000, with a total of 103,137. We’re adding 3000 net new installs on average every month in 2011, with over 4000 additional installs in October.

This under-counts the total for several reasons:

1. Only versions from November 2008 and newer pull this file from our servers, so it does not include older versions. While I expect the vast majority are on newer versions than that, we routinely encounter systems running versions that old and much older.
2. Some systems do not have DNS configured and hence cannot fetch the update.
3. Some systems are on private internal networks that cannot reach the Internet.
4. Some networks have multiple systems that go out from a single public IP, which we only count once.

No telling how many total installs are actually out there, but it’s definitely in excess of 103,000.

Thanks to all our users for helping us reach this significant milestone!

Hackathon 2011 / EuroBSDCon wrap up

Thanks to many of you who contributed to our hackathon fund. It was a great success. We had 6 developers together here in Louisville. The primary areas of focus were 2.1 development, in the following areas.

  • Moving packages to PBIs – the package system in 2.1 will switch to using the PBI package system, originally from PC-BSD, though also used by some on stock FreeBSD installs. The benefit of using PBIs is each package has all its dependencies included in the package, which eliminates the dependency messes that can happen currently, such as one package requiring a certain version of a dependent package but another requiring a different version, uninstallation of one package stomping on another package by uninstalling a dependency it requires, uninstallation of a package breaking the base system by deleting things it uses (though we already work around that one automatically), easing clean uninstall of packages, amongst other benefits. This will be a great improvement in the package system for 2.1.
  • Read the rest of this entry »

Seeking donations for pfSense Hackathon 2011

In a couple weeks, several of the developers will be coming together here in Louisville for another Hackathon, where we get together and work on various things related to the project for a week, as we’ve done approximately every 18 months since the project’s inception. This year we’ll have 7 developers, from 4 different continents. There isn’t a set agenda, though 2.1 release and IPv6 will be two items (of many) of focus. We like to make sure we can feed everyone, and provide coffee, beer, etc. for 7 days. Plus we’ve covered some travel expenses.

Whether you can just spare a few bucks for a fine beverage at Heine Brothers or Highland Coffee (both of which should be sponsors with the amount we spend there in a week), or enough for a few dozen pizzas, every bit helps!

Donate Here

Thanks!