pfSense 2.6 released: free network firewall distribution

by · Published · Updated

The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third-party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big-name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more.

pfSense software includes a web interface for the configuration of all included components. There is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls.

pfSense started in 2004 as a fork of the m0n0wall Project (which ended 2015/02/15), though has diverged significantly since.

pfSense

By Gonzopancho (Own work) [CC BY-SA 4.0], via Wikimedia Commons

pfSense 2.6 has been released. This update contains important security fixes and bug fixes. It also introduces some new features as follows.

 UPnP/NAT-PMP

  • Added: UPnP/NAT-PMP STUN configuration options #10587

Upgrade

  • Changed: pfSense-upgrade should reinstall all packages on new version upgrades #12235

User Manager / Privileges

  • Added: Copy button for group entries in the User Manager #12226

Virtual IP Addresses

  • Fixed: Validation when deleting a VIP does not check if the VIP is used by IPsec phase 1 entries #12356
  • Fixed: Validation when deleting a VIP does not prevent deleting a CARP VIP used as a parent for an IP Aliases VIP #12362

Wake on LAN

  • Added: Wake on LAN button to wake all devices #12480

Web Interface

  • Changed: Update font formats to WOFF2 #11507
  • Fixed: DHCP Leases page and ARP table page fail to load if DNS is not available #11512
  • Fixed: Notifications page cannot be saved without configuring or disabling SMTP #12107
  • Changed: Convert help shortcut links to server-side redirects #12314
  • Fixed: Help text for RAM disk settings does not mention Captive Portal data #12389
  • Fixed: Input validation error can unintentionally result in removal of PPP type interface settings #12498

Wireless

  • Fixed: wpa_supplicant uses 100% of a CPU core at boot #11453
  • Fixed: Interfaces page does not show Wireless EAP client options #12239

XMLRPC

  • Fixed: XMLRPC sync results in an error when a failover peer IP address is specified in DHCP server settings for an unconfigured interface #10955
  • Added: XMLRPC synchronization for DHCP relay settings #11957
  • Changed: XMLRPC client improvements #12051
  • Fixed: Changes to an existing IPsec configuration are not applied on HA secondary after XMLRPC sync #12075

More

Tags: