2.2 Status
-
Re: Packages, we still get a fair amount of pull requests but a couple of the more active package maintainers were disappearing before the license changes (mostly lack of time on their part, from my understanding). We've also been cleaning up and cutting out things like files being pulled from servers that we don't control. We can't be responsible for what people host on other servers and build using unknown and unrepeatable methods. If packages build using the right settings and have all the correct parts, then we can build them internally and it's a lot more trustworthy all around.
With 2.2 we'll also be signing packages to further aid in verifying the trustworthiness of packages. It's important for users to know that the files are coming from a trustworthy source and not one that could be compromised unknowingly or simply disappear leaving packages broken.
Reading between the lines, and from what I've witnessed of one of the most used packages from my brief time using pfSense, might I humbly suggest someone take that package over as you progress >= 2.2? Nothing much has been done on it for quite some time and it's a big package that needs some ownership. Hopefully the author would agree because he seems strapped for time nowadays.
-
I too, have noticed that 2.2 seems to be in perpetual limbo. As I literally have no time to actually help, I simply can't complain, but I have wondered why there was seemingly so little momentum on the next release. Is it a terrible thing? Absolutely not, the last stable release does the job quite admirably but all techies look forward to the next big thing to blow our networks up with.
I'm mainly just interested in getting BSD up to modern times.
-
Not sure what you mean by "limbo", it is under very active development. There are only 2-3 issues left keeping it from moving to BETA, and then a few more random regressions and other behaviors to fix from there.
We still do not recommend running it in production, but in certain cases where known-broken features are not being used and the benefits outweigh the potential concerns, some have been brave and are running it now.
-
Thanks jimp!
Just the kind of info I was looking for. Is there a place to see what the remaining (known) issues are that are preventing it from advancing it to BETA?
Thanks again!
-
https://redmine.pfsense.org/ gives one view of the issues known and being worked on.
-
We don't have an official/public list of issues blocking Beta, but the issues for 2.2 in general are here:
https://redmine.pfsense.org/projects/pfsense/issues?query_id=30If you are already on 2.2 and want to help verify fixes for tickets we believe have been resolved, look at this report and provide feedback on tickets: https://redmine.pfsense.org/projects/pfsense/issues?query_id=31
-
Thanks Jimp!
That was the views I was looking for. I had a hard time trying to find a way to filter out the issues and see what is happening.Hopefully some package maintainers will work their way back. All those brilliant people are needed to keep it going.
After seeing all the hack attacks lately (ex: synology), I thought i would install country block only to realize it's really outdated and not maintained.
. -
I thought i would install country block only to realize it's really outdated and not maintained.
Take a look at the pfBlocker thread in packages. Marcello posted an update which seems to be a recent Country Code file. So it looks like he may be adding something to pfBlocker.
https://forum.pfsense.org/index.php?topic=42543.msg439194#msg439194
-
2.2 appears to have been in alpha for quite some time.
Yes, it's a big change getting to a FreeBSD 10 base. There was a lot of work that hadn't been done while we were on a FreeBSD 8 base.
That work is now done.And, we've added AES-GCM (with AES-NI acceleration ) to 2.2 (and yes, the patches for this are going back to FreeBSD), moved to Strongswan as an IPSec solution (bringing with it L2TP (because pptp sucks) and IKEv2), and updated the PHP version (which caused quite a bit of breakage in packages).
In addition, we have released 2.1.1, 2.1.2, 2.1.3, and 2.1.4 since early April. 2.1.5 is pending (still being tested), and will be out very soon.
Even in it's fairly stable state it is still in alpha. Will it advance to beta, or straight to RC0? Maybe a year or more till release?
it will advance to beta soon.
-
Package contributors will quit since its turning into a profit making/go to market setup and the true open dev. doesnt like that….
They want to get paid since the pfsense project gets funded by customers and the work they do are not honored moneywise
Very simple.
Maybe you should cite evidence for the claims you're making.
-
Some of the problems may be due to the recent license change of Pfsense.
Maybe someone that knows whats truly going on with the license, can explain how it will affecting the package developers and end users?
It doesn't.
-
removed myself, just rant :-\