Archive for the ‘Announcements’ Category

Happy 5th anniversary to pfSense

Thursday, November 5th, 2009

Five years ago today, the pfsense.* domains were first registered. The project actually hit 5 years since its inception about 2-3 months ago, living the first part of its life as projectx (some history here) with no website.We’ve come a long way!

Thanks to everyone who has supported the project in any fashion over the past five years. Here’s to even better things in the next 5 years!

And what better way to celebrate than picking up a fresh off the press copy of the pfSense book?

pfSense book now available for purchase!

Tuesday, November 3rd, 2009

Now available on Amazon

NOTE: The print book is still available, however being based on the 1.2.3 version, it is largely obsolete. The 2.1 PDF edition is immediately available for Gold Subscribers. It’s the recommended version for everyone, as it’s been greatly expanded and updated.

Click here for details.

Finally, comprehensive documentation for pfSense is available in print!

Table of contents is available here.

Authored by pfSense co-founder Chris Buechler and pfSense developer Jim Pingle, The Definitive Guide to pfSense covers installation and basic configuration through advanced networking and firewalling of the popular open source firewall and router distribution.

This book is designed to be a friendly step-by-step guide to common networking and security tasks, plus a thorough reference of pfSense’s capabilities. The Definitive Guide to pfSense covers the following topics:

  • An introduction to pfSense and its features.
  • Hardware and system planning.
  • Installing and upgrading pfSense.
  • Using the web-based configuration interface.
  • Backup and restoration.
  • Firewalling fundamentals and defining and troubleshooting rules.
  • Port forwarding and Network Address Translation.
  • General networking and routing configuration.
  • Bridging, Virtual LANs (VLANs), and Multi-WAN.
  • Virtual Private Networks using IPsec, PPTP, and OpenVPN.
  • Traffic shaping and load balancing.
  • Wireless networking and captive portal setups.
  • Redundant firewalls and High Availability.
  • Various network related services.
  • System monitoring, logging, traffic analysis, sniffing, packet capturing, and troubleshooting.
  • Software package and third-party software installations and upgrades.

At the end of this book, you’ll find a menu guide with the standard menu choices available in pfSense and a detailed index.

Buy now

Thanks for your support!

First spotting of the pfSense book…

Friday, September 4th, 2009

We have been announcing the upcoming pfSense book already multiple times here on the blog. Here’s a quick update for all those waiting to finally buy it: It’s almost done!

As you can see from the information on the publishers site it only needs some finishing touches and even the first preview print has been produced.

Stay tuned, we’re almost there!

Next generation of pfSense embedded now available

Tuesday, July 14th, 2009

Embedded has historically been a second class citizen, with most development focus and most users ( > 80% of downloads) using full installs. Taking advantage of what a full install offers was in fact the original reason for this project, though embedded was later added. This has now changed considerably, with the introduction of the next generation of pfSense embedded. It’s been on the snapshot server for quite some time and been a work in progress for months, but now we want to alert people of its presence for wider testing. It is based on nanobsd, a standardized build methodology for FreeBSD embedded applications.

The changes it brings:

  • Reliable upgrades – Finally, no longer is there a need to re-flash your CF and restore your configuration.
  • Multiple firmware support – there are two partitions, each containing their own separate pfSense install. To test upgrades, you can upgrade the second partition, and roll back to the first if necessary.
  • Package support – packages that are suitable for an embedded platform are supported.
  • Multiple hardware architecture support – with some additional changes that are currently in the works, this will allow us to support non-x86 architectures in the future, where FreeBSD supports those architectures and specific platforms. Expect to see MIPS and ARM first, with others possible. Historically, these platforms had such limited CPU, RAM and flash that we would have been forced to spend an inordinate amount of time trimming things down, removing numerous features only to end up with a much less attractive offering. That development time is better spent elsewhere. With new MIPS and ARM platforms offering considerably more flash and RAM, this is no longer the case. Though these hardware limits are still applicable to your typical consumer grade Linksys and similar routers, they will never be supported. Specific information on supported hardware will come in the future.

There are 512 MB, and 1, 2 and 4 GB images available. The 4 GB images work fine with larger size CF cards. For now there won’t be any images larger than 4 GB, though expect that to change for 2.0.

1.2.3 embedded will be released based on nanobsd, and the old means of doing embedded will be discontinued. This means the minimum CF size for 1.2.3 embedded will be 512 MB. This is necessary because of the dual firmware support, it has to be twice as big, and we want to leave plenty of space for future upgrades.

What about my smaller than 512 MB CF card?
There isn’t an easy way to accommodate CF cards less than 512 MB. A 512 MB card can be found for under $20 USD including shipping, you’ll need to upgrade.

You’ll find images in the nanobsd folders on the snapshot server.

For problem reporting, please use the 1.2.3 board on the forum, or the mailing list.

POLL: Which size compact flash card would you like to us ship in 1.2.3?

Monday, June 29th, 2009

Please vote on this poll and help us decide which size of NanoBSD embedded to ship in 1.2.3.,17369.0.html

Follow pfSense commits now via Twitter!

Saturday, January 24th, 2009

BillM recently added support for sending commits to Twitter!   Check out the pfSense commit tweet channel at

Also if you have not seen it you can follow Scott (me) at

pfSense in 2009

Wednesday, December 31st, 2008

As 2008 comes to a close, we have many plans for 2009. This post outlines some of the big things coming up in 2009.

  • CVS conversion to git – this has been partially in progress for 6 months now, and now that 1.2.1 is out, Bill Marquette is working on getting us converted. This should be done within the next week, and brings a number of development-related benefits which will be detailed later.
  • pfSense as an appliance building framework – one of the things Scott and I envisioned in founding this project is to make it into an appliance building framework, in combination with the package system. With 2.0, this has come to fruition. The firewall project will remain as it is today, but we have also set things up in a way that allows us to build appliances such as pfDNS, pfPBX, and more to come. This also makes it easier to build the rebranded versions of pfSense that several companies sell. If your company is interested in selling a rebranded version, we encourage you to check out our reseller subscription.
  • Release of pfSense: The Definitive Guide book – this has been a work in progress for more than a year, and should be in print and available for purchase in the first quarter of 2009.
  • Conferences – pfSense will be presented at multiple conferences this year. DCBSDCon in February is confirmed, and we will likely also be at BSDCan and NYCBSDCon in 2009.
  • Developer summit/hackathon – we’ll be having our fourth annual developer conference in March. This is a full week get together, with 6-8 developers expected to attend from across the US and Europe.
  • 1.2.x maintenance releases – We will put out maintenance releases with bug and security fixes as needed, probably into 2010. None will see as significant of changes as 1.2 to 1.2.1, with the switch from FreeBSD 6.2 to 7.0, to avoid the lengthy release engineering process that significant change necessitated.
  • 2.0 release – we hope to see the 2.0 final release late in 2009, or at a minimum, be at release candidate status by this time next year. There is a significant amount up in the air with this release, and a lot of work remaining to be completed, so this is a very rough estimate. After getting converted to git, we will be moving 2.0 from its current FreeBSD 7.1 base to what will become FreeBSD 8.0. We expect the 2.0 final release will be on FreeBSD 8.0, though that depends on FreeBSD’s release schedule which is entirely outside our control.

2008 was the most successful year to date for this project, and we look forward to making 2009 top that. Thanks to all of you who support the project, especially our commercial support and reseller subscribers!

Here’s to a great 2009. Happy New Year!

VoIP coming to pfSense

Thursday, December 11th, 2008

Some of you might have noticed already that there is a new package listed in your pfSense’s package manager: FreeSWITCH. Mark Crane is working hard to bring you VoIP-PBX-features to pfSense. More information on FreeSWITCH can be found here.

Check out this screenshot for a sneak peak:

The package is not yet completely done but feel free to check it out. Feedback is appreciated, however if you want to discuss a bug that you have found or a special configuration please take this to the forum or mailinglist.

NTOP is back!!

Thursday, December 4th, 2008

I just reinstated the NTOP package for 1.2.1 and 2.0!!

If you were waiting on this package before deploying 1.2.1 your wait is now over.  Enjoy!  :)

Linked in pfSense software users group

Tuesday, November 11th, 2008

Use linked in?   Join our pfSense software users group!!