The pfSense 2009 hackaton, which started on Saturday, can be followed live on http://hackaton.pfsens.org. You can also join the chat by using the Java viewer embedded on the page or head over to irc.freenode.net and join #pfsense-hackathon.
For other FreeBSD related events, check my FreeBSD Events & Conferences calendar.
To check the pfSense section, skip to minute 16:53
Watch of download the video on hak5.org.
Chris Buechler has announced the availability of pfSense 1.2.2, a security and bug-fix release of the FreeBSD-based firewall system:
pfSense 1.2.2 released! Only five changes from 1.2.1, but we did want to get these issues fixed and an updated version out there:
- setup wizard fix – removing BigPond from the WAN page on the setup wizard caused problems;
- SVG graphs fixed in Google Chrome;
- IPsec reload fix specific to large (100+ sites) deployments;
- bridge creation code changes – there have always been issues when attempting to bridge more than two interfaces;
- FreeBSD updates for two security advisories on January 7, 2009.
Most users on 1.2.1 won’t have any need to upgrade to 1.2.2, but if any of the above applies to you, then upgrade to this version. 1.2.2 should be used for all new installs.
The pfSense project have announced the availability of version 1.2.1:
This is a strictly a maintenance release, meaning it contains only bug fixes in the pfSense code, no new features. Though we also upgraded the base OS from FreeBSD 6.2 to 7.0, which necessitated numerous changes in how things are configured. The change to FreeBSD 7.0 brings improved performance and more hardware support.
If you’re interested in pfSense or if you’re using it in a production environment, you may be interested in the Network Perimeter Redundancy with pfSense presentation that Chris Buechler will be doing at the DCBSDCon 2009.
What do you get when you cross an enterprise-class packet filtering subsystem with a graphical front-end for easy configuration and maintenance? A throbbing headache for commercial vendors like SonicWALL, that’s what.
More details on the presentation can be found here.
Matt Hartley has written an article on Intranet Journal about (in his opinion) the 5 best Linux/BSD Firewall tools:
- Linux LiveCD Router
Over the course of recent years, some people have found the quality of most out-of-the-store firewall appliances either lacking functionality or worse, set at a price that has made them generally out of reach.
Because of this issue, I thought it would be beneficial to write an article to better highlight what works and what does not with regard to turning an older PC into a standalone router/firewall appliance.
Regardless of a fantastic effort by IPCop, there is just something to be said about rocking solid BSD solutions. The first that comes to mind is that from m0n0wall. It’s small, 12 MBs small! That is the single biggest distinguishing thing to note about m0n0wall. Its size and portability, that is. Designed to be a replacement for those expensive firewall appliances used today, m0n0wall works on embedded machines, in addition to being quite useful on older x86 PCs as well.
Definitely a little more advanced from a usability standpoint than other solutions out there, but do not let this fool you, because m0n0wall is VERY powerful in all of its BSD goodness. This being said, it should be noted that even though m0n0wall is workable on a older PC, it shines best on embedded systems being used by more advanced administrators. Therefore, this is not a really good solution for new Windows converts looking to convert their old PC into something cool.
From what I have been told, the pfSense project was started by the same people as m0n0wall. Those looking to revamp an older PC might be better off going with pfSense. Plenty of features to speak of. Most notable among them include:
- Redundancy — By creating a fallover group, the network will remain secure even in the event of interfaces that go offline for some reason.
- Load Balancing — Provides both inbound and outbound balancing between WAN connections or multiple servers, depending on which way the traffic happens to be going.
- Captive Portal — Force the user to authenticate or simply find themselves redirected to wherever you wish.
Source (IntranetJournal – 16/12/2008)
The PC-BSD Team is pleased to announce the availability of PC-BSD 7.0.2, with an updated FreeBSD 7.1-PreRelease under the hood and the latest KDE 4.1.3.
Version 7.0.2 contains a number of bugfixes and improvements. For a full list of changes, please refer to the changelog. Some of the changes are:
- KDE 4.1.3
- Improved desktop performance with Nvidia Cards
- Improved NTFS write support
- HAL fixes and improvements
- Installation bugfixes