So, I’m confused.
-
@KOM Thanks for the response. That’s kinda the impression I was getting. It seems like netgate is the ones doing the major if not all the heavy lifting in programming because they can afford to and have the resources in talent to do so.
I currently run FreeBSD on my server, and it’s performed above and beyond any of the other Linux distrais I’ve tried, not trying to knock any district it’s just to me FreeBSD seems to just work and make much more logical sense in file layout not to mention ZFS which I love.What’s this I hear about the competition using “hardened” BSD vs what pf uses?
Also, what’s the whole FUD going around about pf having a messy tangled codebase that’s not clean.
Something doesn’t track when I read those claims, any thoughts on those points?
-
@clem16 said in So, I’m confused.:
What’s this I hear about the competition using “hardened” BSD vs what pf uses?
No idea. They might be basing it on OpenBSD perhaps?
Also, what’s the whole FUD going around about pf having a messy tangled codebase that’s not clean.
No idea, I'm a user and not a developer. Besides, if this were the case, it would affect ALL pf/*BSD projects so nobody would have any specific advantage there. What is your focus? Are you looking to compile from source or start developing patches or packages?
-
@chpalmer Thank you for your reply and links. They’ve cleared up a few questions I had, but had not specifically asked.
Another question, if I install pf or buy one of the official boxes, which I’ll probably do.
Will I be bombarded by “upgrade to paid support” or nag screens of any kind?
The website and links state no artificial limitations, but are there adverts that users are hit with constantly that they must ignore or purchase to make go away. I’m a bit of “perfectionist” and that would drive me batshit crazy. -
No.
We value your privacy as much you do.
-
If you buy, you get support by default. If you build your own and install the community edition, it has all the same functionality for the most part without any limits. IIRC there are at least one custom package that's only available to those who buy, an AWS wizard or something, I don't really care about it.
And as Chris said, they don't harass you to give them money. No nags or anything like that. There is some sort of disclaimer dialog that appears after you first connect to WebGUI after initial installation but that's it. They hope that the product speaks for itself, and that you will like it enough to purchase hardware down the line.
-
@KOM I’m actually looking at simply purchasing one of the boxes and running it at the head of my home ranch network.
I’m looking for a workhorse. But as time permits tinkering, but not be required to tinker just to get basic functionality.I’ve been burned before by a Linux distro I’ll not specifically name that after installation I spent more time on their forum looking up and parsing out how to do simple operations like say mounting a disk or other such simple nonsense that’s automatically done or simple in the BSDs but in the name of flexibility and configurability left to the user.
Thing is, yeah. I love to tinker, but tinker when times available, not be required to to get something critical like a router and firewall functional and keep it functional.
Right now I run FreeBSD and I build all my packages using poudrière from source on a separate dedicated machine.
Does pfsense still keep a separation of base system functionality?
Is pfsense considered a package on top of the base or integrated into it?
If it’s on top would I be able to build it as part of my poudrière build routines. Or is it part of the base? -
Does pfsense still keep a separation of base system functionality?
I believe so.
Is pfsense considered a package on top of the base or integrated into it?
Not originally but I believe that is what they have moved to.
If it’s on top would I be able to build it as part of my poudrière build routines. Or is it part of the base?
No idea, that would be a better question for the Development forum.
-
@KOM thanks everyone for the replies. I’ll do more reading and researching. I think I’ll pull in a copy of pf and poke with it before I grab a official box for the network, but I probably will end up using it.
I’ll be around may be asking more questions to get a good handle on things. I do appreciate all the replies and hopefully as I become more familiar I’ll someday be able to help out around here. -
@KOM said in So, I’m confused.:
If you buy, you get support by default.
To clarify:
You get HARDWARE support. We stand behind the devices we make.
You can elect to purchase technical Support from our Global Support Team.
-
It's much more a collection of packages than it used to be but it isn't a package (or set of) that can be installed onto FreeBSD.
We have a modified base: https://github.com/pfsense/FreeBSD-srcSteve
-
@stephenw10 thanks for the reply! I wasn’t planning on putting it on a vanilla version of FreeBSD. I was thinking more on the “how is it put together, and designed” side of things with an eye towards how to keep updated.
-
@clem16 said in So, I’m confused.:
eye towards how to keep updated.
You read the release notes, follow any special update instructions that are given.. But pretty much you click the little icon that shows up on your gui when there is a new version available..
Or you never update - and be like some users and come here asking how to do xyz when they are running version 2.0.1 from 2011 time frame ;)
Also make sure you check the package manager every now and then for any package updates - which again require a click of an icon..
-
Package updates should really have their own dashboard alert.
-
Agreed.. Should be a widget you can put on the main page or something - has anyone bothered to put in a feature request?
But I am normally on pfsense gui prob almost every day... Not for stuff I am doing but taking screenshot or looking up something specific for a user here, etc. ;) Every few days I will stop by the package manager page... Or if catch a forum post about an update - ie caught that acme was updated here, so went in and updated it..
-
Like the package widget you mean?
Steve
-
You should update that. ;)
-
Exactly!!! Stephenw10 - Exactly, forgot about that wiget... But when you have a lot of installed packages it takes up a lot screen space... Be easier if took up smaller space and alerted to check the package manager for update(s)
When it takes up a lot of screen space - just easier to check the page itself ;)
-
I agree an alert for 'package updates are available' would be nice.
-
Yes, that monster Packages widget is way too big. A singe line under the pfSense upgrade line would be sufficient: "Package updates are available" as a link to the Installed Packages page.
-
@luckman212 posted an awesome solution to this. It's not an official solution, but I love it.
https://forum.netgate.com/topic/137707/auto-update-check-checks-for-updates-to-base-system-packages-and-sends-email-alerts
I like that I get an email when an update to a package is available. I also get notified about updates to packages which are not in the package manager. This helps with patching any potential vulnerabilities in between releases.