So, I’m confused.
-
If you buy, you get support by default. If you build your own and install the community edition, it has all the same functionality for the most part without any limits. IIRC there are at least one custom package that's only available to those who buy, an AWS wizard or something, I don't really care about it.
And as Chris said, they don't harass you to give them money. No nags or anything like that. There is some sort of disclaimer dialog that appears after you first connect to WebGUI after initial installation but that's it. They hope that the product speaks for itself, and that you will like it enough to purchase hardware down the line.
-
@KOM I’m actually looking at simply purchasing one of the boxes and running it at the head of my home ranch network.
I’m looking for a workhorse. But as time permits tinkering, but not be required to tinker just to get basic functionality.I’ve been burned before by a Linux distro I’ll not specifically name that after installation I spent more time on their forum looking up and parsing out how to do simple operations like say mounting a disk or other such simple nonsense that’s automatically done or simple in the BSDs but in the name of flexibility and configurability left to the user.
Thing is, yeah. I love to tinker, but tinker when times available, not be required to to get something critical like a router and firewall functional and keep it functional.
Right now I run FreeBSD and I build all my packages using poudrière from source on a separate dedicated machine.
Does pfsense still keep a separation of base system functionality?
Is pfsense considered a package on top of the base or integrated into it?
If it’s on top would I be able to build it as part of my poudrière build routines. Or is it part of the base? -
Does pfsense still keep a separation of base system functionality?
I believe so.
Is pfsense considered a package on top of the base or integrated into it?
Not originally but I believe that is what they have moved to.
If it’s on top would I be able to build it as part of my poudrière build routines. Or is it part of the base?
No idea, that would be a better question for the Development forum.
-
@KOM thanks everyone for the replies. I’ll do more reading and researching. I think I’ll pull in a copy of pf and poke with it before I grab a official box for the network, but I probably will end up using it.
I’ll be around may be asking more questions to get a good handle on things. I do appreciate all the replies and hopefully as I become more familiar I’ll someday be able to help out around here. -
@KOM said in So, I’m confused.:
If you buy, you get support by default.
To clarify:
You get HARDWARE support. We stand behind the devices we make.
You can elect to purchase technical Support from our Global Support Team.
-
It's much more a collection of packages than it used to be but it isn't a package (or set of) that can be installed onto FreeBSD.
We have a modified base: https://github.com/pfsense/FreeBSD-srcSteve
-
@stephenw10 thanks for the reply! I wasn’t planning on putting it on a vanilla version of FreeBSD. I was thinking more on the “how is it put together, and designed” side of things with an eye towards how to keep updated.
-
@clem16 said in So, I’m confused.:
eye towards how to keep updated.
You read the release notes, follow any special update instructions that are given.. But pretty much you click the little icon that shows up on your gui when there is a new version available..
Or you never update - and be like some users and come here asking how to do xyz when they are running version 2.0.1 from 2011 time frame ;)
Also make sure you check the package manager every now and then for any package updates - which again require a click of an icon..
-
Package updates should really have their own dashboard alert.
-
Agreed.. Should be a widget you can put on the main page or something - has anyone bothered to put in a feature request?
But I am normally on pfsense gui prob almost every day... Not for stuff I am doing but taking screenshot or looking up something specific for a user here, etc. ;) Every few days I will stop by the package manager page... Or if catch a forum post about an update - ie caught that acme was updated here, so went in and updated it..
-
Like the package widget you mean?
Steve
-
You should update that. ;)
-
Exactly!!! Stephenw10 - Exactly, forgot about that wiget... But when you have a lot of installed packages it takes up a lot screen space... Be easier if took up smaller space and alerted to check the package manager for update(s)
When it takes up a lot of screen space - just easier to check the page itself ;)
-
I agree an alert for 'package updates are available' would be nice.
-
Yes, that monster Packages widget is way too big. A singe line under the pfSense upgrade line would be sufficient: "Package updates are available" as a link to the Installed Packages page.
-
@luckman212 posted an awesome solution to this. It's not an official solution, but I love it.
https://forum.netgate.com/topic/137707/auto-update-check-checks-for-updates-to-base-system-packages-and-sends-email-alerts
I like that I get an email when an update to a package is available. I also get notified about updates to packages which are not in the package manager. This helps with patching any potential vulnerabilities in between releases. -
Yeah that should prob be rolled right into base of pfsense if you ask me ;) Haven't tried it out yet -- but just reading the thread seems like a no brainer winner to me.... Not sure how I missed that thread?
-
@clem16 To give you another user testimonial... pfSense has transformed our network in the office. To help keep costs down, I originally had pfSense installed on an old first gen i5 based PC. This was almost 2 years ago. That setup has worked flawlessly for our small office setup and has gone above and beyond any expectations I had. I recently upgraded to a new PC due to future proofing for the AES-NI requirement coming. Restoring all settings and configs on the new PC was as simple as it gets.
In general, the webGUI is so intuitive and pfSense just works right out of the box. No need for tinkering, but there is tons of room for tinkering at your own pace. For the most part, I have been able to learn and tinker as needed all while keeping the office running and not taking the whole network down. I feel like I learning something new almost every time I work with pfSense or look through the forums.
The official documentation is an incredibly good resource. https://docs.netgate.com/pfsense/en/latest/book/index.html
This community is very active and helpful. Users are always helpful and contribute. Posts here and the email notification contribution mentioned above are perfect examples of that.P.S. If I had the budget I would have definitely went with official Netgate hardware. Mainly just to help support the cause.
-
@Raffi_ Yeah, it seems to be great just from the bit of poking I’ve done. I’ve known about the project now for years, I’ve just never up and tried it. Even if I’m doing it for just myself and family farms I’d rather do it “right” do it once and be done till hardware needs to be changed.
Running on an old PC just seems like a bit of a hack. I did this way back in the day when all the farm could use was dialup running on an old smoothwall server I was able to dial and disconnect remotely. But those days are long gone and we’ve moved to satellite which is expensive but great. It just seems messy to have an old computer sitting there siphoning power and buzzing fans... been there felt that pain... so yeah, probably looking at official hardware partially to make sure everything not user computer related is contained in a rack. Neatly and tidily... so the OCD itch doesn’t happen to begin with.As it stands right now my satellite modem is suspended from the ceiling via a nail driven into a rafter... the itch is excruciating... but I don’t want to spend money on tidying up unless I do it right... and it’s working... so to make any changes I need to take apart.
I’d rather do one large change, network the house and property for 10gig way overkill for home network but hey. Why not...But yeah. I think it’s time to look into pf a little deeper as it’ll probably open up a ton of possibilities over my current setup. We will see, I’m not in any HUGE rush ill just spend some time working and dump a few paychecks on it. 6-7k should spice things up. At least that’s kinda where I plan to start the budgeting.
-
@clem16 PS... incase anyone was wondering and looking at that as odd... I’m in a unique situation that offers me quite a few possibilities to play with stuff like this. The farm owns quite a bit of heavy machinery I can use to build building to building to tower networks for wifi and even fiber to POE connected cameras just to play with for fun. So I can easily knock down trees with D7 CAT pull them around with a skidder, run in lines with a ditch witch behind the cat, things that would normally cost thousands to hire a company to do I can do myself for the price of fuel and time + materials.
So yeah, still in planning and researching stages. So all the input I can get is helpful. Plans always change, and the final project is never exactly as on paper. But I might as well have fun building on paper first the “perfect” network before I drop cash on actually doing it.
