Nov 282007

pfSense is yet another opensource firewall which can turn your old PC into a fully functional Firewall. pfSense opensource firewall is based on the m0n0wall opensource embedded firewall with all the good features of m0n0wall and advanced addition features.

pfSense uses OpenBSD's ported packet filter, FreeBSD 6.1 ALTQ (HSFC) for excellent packet queueing and integrated package managegement system for extending with new features.

pfSense can be downloaded a Live CD which is also an installation CD or as an installation ISO for developer edition or an Embedded edition. For more info on the download packages, click here.

The software itself can be downloaded from here

A good set of install instructions are available here

More information on Hardware, minimum requirements and recommended vendor products, visit pfSense here

In additional to the existing features on m0n0wall firewall, pfSense has the special additional features. The following are some of the key additional features:

  • Wireless a/b/g using wpa_supplicant with turbo, WEP, WPA-E/PSK and WPA2 (TKIP) support. Advanced support for wireless devices including HostAP-mode, hardware-encryption if supported by driver, mac-filtering, non-broadcasting SSID with FreeBSD6 supported wireless devices (atheros recommended for full functionality)
  • Incoming/outgoing load balancing pools
  • Multiple WAN Support
  • PPPoE Server
  • Setup wizard and package using xml -> web gui toolkit
  • Realtime settings change to avoid reboots
  • pf for openbsd's packet filter
  • CARP – for failover and clustersyncing (rules, trafficshaper, nat, IPSEC SAs…)
  • failovercapable DHCP-Server with advanced settings (specify gateway, DNS, WINS)
  • Systemstatus with realtimegraphs including SWAP usage monitor
  • ALTQ traffic shaping with integrated magic shaper wizard with Queuegraphs for Trafficshaper
  • FTP-Proxy using Squid Transparent proxy
  • proxy/masquerading for SIP-protocol using siproxd
  • Anti-Spam-Proxy using assp
  • Fake SMTP-Server as Spam-Tarpit using spamd
  • Networkscanner for security auditing using nmap
  • Enhanced traceroute using mtr
  • enhanced configuration-system featuring a configuration history and partial config down-/uploads
  • converting PF-status-massages to Cisco NetFlow-Datagrams using pfflowd
  • PFStat Graphing
  • Enhanced network history data using NTOP
  • STunnel to wrap standard ports with SSL
  • arpwatch to watch ethernet/ip-adress-pairings
  • freeradius to Radiusserver
  • iperf/netio for bandwidth-measuring

A Reader's Toolbox

After SY0-101, a small number of individuals are content with their N10-003 where as the rest go on to study 70-620. This group later covers 350-030 as well.

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

  2 Responses to “pfSense – m0n0wall based OpenSource Firewall using old PC”

  1. […] rgbiernat article is very informativeHere’s a small piece of the storyTags:anti spam dhcp DNS firewall Linux m0n0wall OpenSource Opensource Firewall pfSense proxy Security squid stateful Unix Wireless pfSense is yet another opensource firewall which can turn your old PC into a fully functional Firewall. … […]

 Leave a Reply



You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>