pfSense Community Edition EoL? 2.7.2-RELEASE (amd64)
-
Hi,
just wondering.... last Update for the CE Version is 2.7.2 and it's from December 2023 - thats almost one and a half years ago...Did I miss something? Is CE EoL?
Thanks for Clearyfying....
Cheers
4920441 -
https://forum.netgate.com/topic/182270/when-will-2-8-dev-snapshot-be-available/35
-
...so... what's the difference betweeen the thread and a simple "EoL"?
Reads as it is EoL but noone wants to call it that way?!?
Cheers.
4920441
-
@4920441-0 said in pfSense Community Edition EoL? 2.7.2-RELEASE (amd64):
Reads as it is EoL but noone wants to call it that way?!?
Maybe ...?
https://redmine.pfsense.org/projects/pfsense/roadmap
-
It isn't EoL. We are supporting it with security patches and updates until 2.8. Probably even after 2.8 because a lot of people will still be running it.
-
@stephenw10 said in pfSense Community Edition EoL? 2.7.2-RELEASE (amd64):
It isn't EoL. We are supporting it with security patches and updates until 2.8. Probably even after 2.8 because a lot of people will still be running it.
Good to know. With 350+ changes since 2.7.2, I think I will wait until .1 or .2
-
supported with no updates for over a year now? Or do I miss something?
-
There have been many patches in that time. If there had been some security critical issue in that time that couldn't be patched in run time we would have issued a point release.
-
@4920441-0 said in pfSense Community Edition EoL? 2.7.2-RELEASE (amd64):
Did I miss something? Is CE EoL?
There is a sensitivity to summary description, so instead of trying to put a name of pfsense CE software development cycle I recommend instead focussing on
- What business decision are you trying to make?
- Available information on actual behaviour to support this decision process?
The relevant (home/lab) business decision imo are
-
Is pfsense CE an wise platform for a new installation or new software development project?
-
If already using pfsense CE; is it likely to maintain it's current value as a leading firewall or is it likely to become a poor choice, in which case having plans to transition to another platform would be wise.
The public information on actual behaviour to address these questions I'm aware of are:
-
Netgate is a commercial company. In the past home / lab testing of pfsense (public open source) was used to improve the quality and testing of their paid products. That business model was changed several years ago (when pfsense {public open source} was renamed pfsense CE) removing the financial benefit of Netgate maintaining CE
-
Since Netgate changed the development model, public access to pfsense CE development / snapshots has been blocked, consistent with CE becoming only a competitor to pfsense plus (proprietary).
-
Also Netgate have announced a divergence of the capabilities of CE vs plus and the frequency of public CE releases has dramatically decreased.
-
Note some "security updates" have occurred (consistent with the reputations harm not doing so would expose Netgate too). However security updates only may or may not be relevant to the above business question being addressed here.
How each individual weighs these factors and the name they give to the process is a personal decision.
-
@stephenw10 I think a lot of people are not aware of the System_Patches package... I know I wasn't when I first started using PFSense a few years ago.
I do find it a bit strange that this is an optional package that has to be explicitly installed ? Although being a package means the package itself can be updated out of cycle I do wonder if it should be installed by default on new installations and more attention brought to it...
-
...so... more or less it's EoL, abandoned, whatever you'gonna call it, it leaves no good vibes at all....
Since I use it only privately, it does absolutely does not make any sense to buy the commercial version for me.
Thanks for the fish so far - i used it since 2007 - but I think I gonna migrate to OPNSense ASAP....
Cheers.
4920441
-
I suppose there is a small chance Netgate will recognise the value open source packages adds to their base product. No doubt not as well supported by the unpaid community as Netgate would like but much better than in other closed source products. Free testing by the community is also likely to be more thorough and has contributed to their products reputation in the past.
However the effects of both of these changes are likely to take years to be fully apparent, and much longer to recover from if recognised then. Maybe a closed source Netgate will successfully compete against the establish closed source vendors. Only time will tell.
-
I'm assuming the priority is shipping pfSense+ 25.03. They're hinting at a RC in the next month (ish). I assume CE 2.8.0 (or 2.7.3?) will happen within a reasonable timeframe after that to catch it up. I definitely would love an updated Kea functionality as well as newer FreeRADIUS package (with some bug fixes)... incidentally I haven't seen a package update in forever and those usually come out throughout the year independent of pfSense releases.
I relate to the worry about CE being abandoned (ad naseum threads on Reddit too), but it does look like they have a 2.8.0 product coming.
And yeah, the System Patches package is actually kind of cool. It's relatively new (2.7.0? 2.6.0? 2.5.0?) as I remember security patches in the past required a more invasive "p1" or "p2" point release and a mandatory reboot. Fixing most hotfixes in runtime is super neat and non-invasive. I also agree that many people haven't heard about it, so maybe shipping the package with the product makes sense.
I still have my OG pfSense "open source security" t-shirt and pfSense polo I wear at work and speak highly of it in the enterprise. I do hope the CE/open source product sticks around forever for homelab types.
Lowkey hope the TNSR VPP userspace high-speed routing technology gets merged into a [distant] future pfSense+ and CE product for ludicrous speed market-leading performance. Especially with WAN links in the 10G, 25G realm.
-
@Finger79 said in pfSense Community Edition EoL? 2.7.2-RELEASE (amd64):
I still have my OG pfSense "open source security" t-shirt
Me too.
-