Thanks to the hard work of Ermal Luçi, pfSense 1.3 now contains a number of great interface and dynamic DNS related improvements. The following has all been completed.
- PPPoE and PPTP are now possible on any interface rather than just WAN. For multi-WAN with multiple PPPoE or PPTP connections you previously needed to do the PPPoE or PPTP on the modem or other device, now pfSense handles this directly.
- Dynamic DNS is now multi-account capable. This means you can use it with multiple WANs, and/or use multiple services on the same WAN.
- carpdev support – This was attempted, and unfortunately backed out because of problems with carpdev in FreeBSD. If those problems are resolved, it will return. This allows the use of CARP without the static public IP requirement.
- Interface list consistency – this isn’t really relevant to end users, but it’s a great improvement for developers. The means of obtaining the list of active interfaces obtained from m0n0wall initially had really turned into a hack as we have added functionality such as multi-WAN and single interface support. This resolves a number of development difficulties.
- Completely reorganized back end interface support. The interfaces are all treated equally now, fully removing the “special” status that LAN and WAN formerly received.
- Improved back end VLAN interface handling
- Introduction for dummynet support in pf – this provides even more flexible and powerful traffic shaping abilities, including these two oft-requested features amongst numerous other possibilities:
– Per user bandwidth limiting
– Per local subnet bandwidth limiting
- Improved ruleset creation speed – testing shows at least a 15% improvement here.
- Captive Portal is now multi-WAN capable
- Sticky connections for outbound load balancing should be fixed.
Mostly finished work
- Replace the event system with a daemon offering better handling of events.
Work in progress
- Better PPTP and FTP handling in NAT. The PPTP fixes will allow multiple outbound connections to the same external PPTP server using a single public IP. Details of that issue on the Features page on the website under PPTP/GRE NAT limitation.
- More disciplines on the shaper such as shortest living connections getting higher priority, and addition of the JoBS/WFQ discipline for ALTQ.