Released: PC-BSD 8.0-BETA

pc-bsd logo 100x100Kris Moore announced on New Year’s day the availability of PC-BSD 8.0-BETA (Hubble Edition).

Version 8.0 contains a number of enhancements and improvements. For a full list of changes, please refer to the changelog. Some of the notable changes are:

  • FreeBSD 8.0-Release
  • KDE 4.3.4
  • Brand new System Installer, allows the install of PC-BSD or FreeBSD
  • Run in Live mode directly from DVD
  • Updated Software Manager, allows browsing and installing applications directly
  • Support for 3D acceleration with NVIDIA drivers on amd64

Version 8.0-BETA of PC-BSD is available for download from our mirrors, and will be available shortly as bittorrent from www.gotbsd.net.

In order to prepare for 8.0-Release, please report any bugs to the Trac Database! Discussion regarding testing etc are taking place on the testing mailinglist.

Links

Dru Lavigne has finished the first draft of the Definitive Guide for PC-BSD. This book is based on PC-BSD 8 and is written for the novice user. Will keep you posted when the final paper version is published.

Released: pfSense 1.2.3

pfsense logo 100x100Chris Buechler has announced pfSense 1.2.3

1.2.3 release is now available! This is a maintenance release in the 1.2.x series, bringing an updated FreeBSD base, some minor enhancements, some bug fixes, and a couple security updates. We’ve been waiting a few weeks in anticipation of a FreeBSD security advisory for the SSL/TLS renegotiation vulnerability, which came last week and allowed us to finalize the release.

The primary changes from 1.2.2 are:

  • Upgrade to FreeBSD 7.2
  • Embedded switched to nanobsd
  • Dynamic interface bridging bug fix
  • IPsec connection reloading improvements
  • Dynamic site to site IPsec
  • Sticky connections enable/disable
  • Ability to delete DHCP leases
  • Polling fixed
  • ipfw state table size
  • Server load balancing
  • UDP state timeout increases
  • Disable auto-added VPN rules option
  • Multiple servers per-domain in DNS forwarder overrides
  • No XMLRPC Sync rules fixed
  • Captive portal locking replaced
  • Outbound load balancer replaced

For futher details, the changelog and download info, visit the pfSense 1.2.3 page

PC-BSD and pfSense books

Authored by pfSense co-founder Chris Buechler and pfSense developer Jim PingleThe Definitive Guide to pfSense covers installation and basic configuration through advanced networking and firewalling of the popular open source firewall and router distribution.

This book is designed to be a friendly step-by-step guide to common networking and security tasks, plus a thorough reference of pfSense’s capabilities. The Definitive Guide to pfSense covers the following topics:

  • An introduction to pfSense and its features.
  • Hardware and system planning.
  • Installing and upgrading pfSense.
  • Using the web-based configuration interface.
  • Backup and restoration.
  • Firewalling fundamentals and defining and troubleshooting rules.
  • Port forwarding and Network Address Translation.
  • General networking and routing configuration.
  • Bridging, Virtual LANs (VLANs), and Multi-WAN.
  • Virtual Private Networks using IPsec, PPTP, and OpenVPN.
  • Traffic shaping and load balancing.
  • Wireless networking and captive portal setups.
  • Redundant firewalls and High Availability.
  • Various network related services.
  • System monitoring, logging, traffic analysis, sniffing, packet capturing, and troubleshooting.
  • Software package and third-party software installations and upgrades.

The first review of the book is out now.

Congratulations to pfSense for their 5 year anniversary.

pc-bsd logo 100x100Dru Lavigne is currently working on a book on PC-BSD: Definitive Guide to PC-BSD

I’m about 2/3 of the way through book #3 on BSD, tentatively titled “The Definitive Guide to PC-BSD”. This book will be through Apress, and I’m excited that it will include a live DVD of PC-BSD 8.0 so you can follow along as you read it. The book is designed for users new to BSD up to existing PC-BSD/FreeBSD power users. Think of it as the type of book new users can grow into while existing users can still find nuggets of “I didn’t know that”. I’ve also concentrated on the importance of community–a concept new users aren’t used to and most tech books never mention.

Here is the Table of Contents:

Basic pfsense to pfsense IPSEC tunnel config

pfsense logo 100x100Rolfsa is another user who’s replacing Cisco PIX boxes with pfSense.

Part of my security redesign this year is to replace our aging Cisco PIX boxes with pfsense. Yesterday I spent the day setting up a simulated environment for 3 of our offices over an Internet connection. I was able to get the IPSEC tunnel up and running between two pfsense boxes pretty quick. Here’s a quick and dirty process for getting it all to work:

ANNOUNCEMENT: BSD Router Project (bsdrp)

Olivier Cochard-Labbé, an IP routing expert and founder of FreeNAS (a FreeBSD based Network-Attached-Storage system), has released the first alpha (0.1) image of his new project: BSD Router Project - http://bsdrp.net

bsdrp is an open source customised distribution of FreeBSD dedicated to offering IP routing services for small ISP’s.

The release 0.1 of BSDRP is a fully working prototype, to be used on real or virtual machines that boot from ATA device only (not usb).

This first release includes:

  • Base FreeBSD 8.0-CURRENT system (NanoBSD) for i386
  • Customized script (config, upgrade, help, command completion, etc…)
  • Quagga ready to use (OSPFv2, OSPFv3, RIP, RIPng and BGP)

You may ask, what is the difference between BSDRP and m0n0wall of pfSense.

  • The main goal of BSDRP is not firewalling but routing. If you need a firewall don’t use BSDRP: Use m0n0wall or pfSense.
  • BSDRP is not for a home use, but for compagny use (small ISP’s for example).
  • BSDRP doesn’t have a Web GUI: It’s to be configured from a CLI only (like Cisco or Juniper)
  • pfSense can be used for routing, but Olivier wanted to set up a Cisco or Juniper like project just for routing.

Thanks, Olivier, for contacting me to announce this project. If you have any (new) FreeBSD related products or services that you want to announce, submit it here.

Comparison between pfSense and Check Point

pfsense logo 100x100Jake describes his experiences with router systems pfSense and Check Point

After been using the CheckPoint safe@office in a live environment for almost two month I have now decided to go back to using my homebuilt pfSense firewall.

Both firewalls have pros and cons. For me the pros of the pfSense made it for me. The biggest pros of the pfSense is definitely the speed. Even if both firewalls are able to deliver around 100 mbit/s throughput, the CheckPoint has some nasty lags sometimes, and drops the connections sometimes to IRC, MSN, ICQ and also webdownloads. Even thou I made a rule to allow all those protocols. Anyway, the biggest pros of the CheckPoint is without a doubt it’s power consumption, heat and sound level. It has a power consumption of about 15-20W compared to my pfSense which is about 60W. No heat or whatsoever from the CheckPoint either. And it makes NO sound at all, it’s fanless.

Whole article here (cyberinfo.se – 06/10/2009)

pfSense is also mentioned at the bottom of the “Enterprises cut costs with open-source routers” article on news.idg.no