pfSense

PfSense is a firewall distribution based on the FreeBSD operating system and the packet filter pf.

Minimum System Requirements

To set up pfSense in version 1.2.x on a computer, the computer must meet the following requirements: There are a Pentium processor with 100 MHz and 128 MB RAM and 1 GB hard disk space. To set up a CD drive for installation CD and a USB port or a floppy drive to load settings is needed.

Here are the minimum system requirements for pfSense are called, in combination with add-ons to change those conditions.

Origin and comparison

The distribution is derived from m0n0wall. m0n0wall is a firewall distribution based on FreeBSD 4 and ipfilter. m0n0wall is aimed at small embedded systems with little hardware resources. On PCs running m0n0wall directly from a CD and saves the configuration in an XML file on a floppy disk. Alternatively, run m0n0wall CF card with a CF card adapter of a flash EEPROM, which is more reliable than the CD/Floppy- or disk version.

M0n0wall is controlled via a web interface. The FreeBSD -4- based system is not accessible via a console. Furthermore, m0n0wall does not support Web proxy, no multi-processor systems, and load balance.

This is the approach of pfSense.

PfSense advantages compared to m0n0wall

PfSense extends the capabilities of m0n0wall and assumes the strengths, such as the simple configuration via a PHP web GUI, storing all configuration data in an XML file and the FreeBSD base.

  • PfSense supported by the FreeBSD 8 base more hardware than m0n0wall.
  • Instead of IPFilters pf is used.
  • Also on multiprocessor / multicore machines more than one CPU is used ( SMP kernel ).
  • There is a SSH access with direct shell access.
  • PfSense can be extended with many packages, for example with the web proxy ( Squid), IDS ( Snort ) and much more. Since release 1.2.3 this is also supported on embedded ( NanoBSD ) systems.
  • CARP
  • Multiple WAN connections (for simple load balancing, failover )
  • PfSense ' embedded image is based since Release 1.2.3 on NanoBSD and supports dual imaging. The CD / CF card is split into two halves, allowing an upgrade of the distribution during operation. After the upgrade can then be booted the second partition. In case of failure thus a fallback to the previous installation is possible.

PfSense - disadvantages compared to m0n0wall

  • PfSense needs at least 128 MB RAM, m0n0wall is designed for 64 MB.

Origin of the name

The name pfSense is composed of the name of the packet filter pf and used the English term sense, which is used here in the sense of "making sense of pf ". This can be mutatis mutandis translate to " pf any sense to ", " pf sense making ", " from pf be smart ," or " pf be appreciated ."

646263
de