Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why Pfsense is free and who is mysterious benefactor we should be grateful ?

    Scheduled Pinned Locked Moved General pfSense Questions
    15 Posts 5 Posters 1.5k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JKnottJ Offline
      JKnott @Guest
      last edited by

      @dealornodeal

      Welcome to open source software. With open source, the source code is shared and anyone can use and improve it. Pfsense is based on FreeBSD, but the biggest example would be Linux, which in turn is the base for Android. Likewise, Apple's phone and computer operating systems are based on FreeBSD, IIRC. The big companies are also well into it. For example, the big super computers from IBM and others usually run Linux. Even Microsoft is using it in their cloud services and also include it in Windows 10. You can also get office suites, such as LibreOffice and OpenOffice.

      PfSense running on Qotom mini PC
      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
      UniFi AC-Lite access point

      I haven't lost my mind. It's around here...somewhere...

      ? 1 Reply Last reply Reply Quote 0
      • ? Offline
        A Former User @JKnott
        last edited by

        @JKnott

        Didn't know pfsense is open source, I've been thinking it is very well closed =D

        JKnottJ GertjanG 2 Replies Last reply Reply Quote 0
        • ? Offline
          A Former User @Gertjan
          last edited by

          @Gertjan

          Hi, do you mean they sell product untested ?

          1 Reply Last reply Reply Quote 0
          • ? Offline
            A Former User @Gertjan
            last edited by

            @Gertjan

            I haven't read licence agreament to be honest ..

            does it say anything about telemetry or something ..?

            1 Reply Last reply Reply Quote 0
            • JKnottJ Offline
              JKnott @Guest
              last edited by

              @dealornodeal said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

              Didn't know pfsense is open source, I've been thinking it is very well closed =D

              I don't know the details of pfsense, but the FreeBSD it's built on is certainly open source. My understanding is that pfsense is just a pretty way of configuring what's already in FreeBSD. I doubt there's much in it that couldn't be done with bare BSD.

              Also a lot of commercial gear is built on open source, usually Linux. For example, I recently bought a Ubiquiti AP, which is, as was my old TP-Link AP, as are my TV, Blu-ray player, A/V receiver and more. Even Cisco has some Linux based models. These days, it's pretty much impossible to get away from open source, as even Windows 10 will let you install various flavours of Linux. Of course, the Internet is pretty much built on some open source *nix, with web servers, mail servers, etc..

              PfSense running on Qotom mini PC
              i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
              UniFi AC-Lite access point

              I haven't lost my mind. It's around here...somewhere...

              H 1 Reply Last reply Reply Quote 0
              • GertjanG Offline
                Gertjan @Guest
                last edited by

                @dealornodeal said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

                Didn't know pfsense is open source, I've been thinking ...

                ......
                @dealornodeal said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

                I haven't read licence agreament

                Try this https://en.wikipedia.org/wiki/PfSense
                It's ok not to think, at least read.

                @dealornodeal said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

                they sell product untested ?

                pfSense == software = free.
                The source code is open (99,9 % or so ?), do not believe what you think and what they told you : check out the code -it's open ! That's why it's 'open'.
                The repository is here : https://github.com/pfsense

                The hardware - see link above - is always tested before shipped to clients.

                @Gertjan said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

                to be tested ... so here we are ^^

                ^^ is like a ๐Ÿ˜Š

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                ? 1 Reply Last reply Reply Quote 0
                • ? Offline
                  A Former User @Gertjan
                  last edited by

                  @Gertjan

                  interesting how many users were able to configure system manually...

                  in my case nothing work well unless i choose Auto where it is possible

                  1 Reply Last reply Reply Quote 0
                  • P Offline
                    pppd @Guest
                    last edited by

                    @dealornodeal

                    I think there are a number of reasons why it's open source:

                    1. pfsense at its core is monowall.

                    2. the open source model benefits ongoing development of the product and updates and security patches are frequent. The community plays a big role in this. The result being pfsense is the most secure and feature rich FW on the market.

                    3. It has the largest user and knowledge base. Ask almost anyone which firewall product they prefer it most likely will be pfsense. Its as ubiquitous as windows is but to the firewall world. Netgate have their own proprietary products which they sell to big businesses that require professional support and willing to pay for it. For the rest of us we get to use a fantastic product for free providing we put our own time and effort in to configure and maintain it. When I hear someone installing a product other than pfsense I scratch my head and ask why would you?

                    ? 1 Reply Last reply Reply Quote 1
                    • ? Offline
                      A Former User @pppd
                      last edited by

                      @pppd

                      I agree with you, pfsense is great solution with multiple options.

                      1 Reply Last reply Reply Quote 0
                      • H Offline
                        hescominsoon @JKnott
                        last edited by

                        @jknott FreeBSD and the other BSD's have a more free license(in terms of what you can do with the code..not the price) than the GPL versions. PFSense is a hardened BSD..so much of the stuff that isn't required for a firewall is shaved out(the beauty of BSD and Linux)...There is more going on in the background than jsut the interface.

                        JKnottJ 1 Reply Last reply Reply Quote 0
                        • JKnottJ Offline
                          JKnott @hescominsoon
                          last edited by

                          @hescominsoon

                          Well, could the interface run on stock BSD, without all those extras stripped out? If so, then it's what I said, just an interface on top of BSD. Prior to pfsense, my firewall was built on opensuse Linux. Everything that was needed was already in it. Even back when I built my first Linux firewall on Slackware, I just installed the necessary packages (floppies back then).

                          BTW, one thing I miss from my Linux firewall is the ability to run Wireshark on it.

                          PfSense running on Qotom mini PC
                          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                          UniFi AC-Lite access point

                          I haven't lost my mind. It's around here...somewhere...

                          H 1 Reply Last reply Reply Quote 0
                          • H Offline
                            hescominsoon @JKnott
                            last edited by

                            @jknott said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

                            @hescominsoon

                            Well, could the interface run on stock BSD, without all those extras stripped out? If so, then it's what I said, just an interface on top of BSD. Prior to pfsense, my firewall was built on opensuse Linux. Everything that was needed was already in it. Even back when I built my first Linux firewall on Slackware, I just installed the necessary packages (floppies back then).

                            BTW, one thing I miss from my Linux firewall is the ability to run Wireshark on it.

                            yes it could..but why? That would lead to it being more insecure by default. By stripping out stuff that's not needed(like smb, apache, mail servers..etc etc etc) the codebase is smaller and the attack surface is smaller. go look at the security advisories for the base freeBSD then look at how few of those apply to PFSense. By stripping things down it makes less work for the folks at netgate to deal with...which is also why the release cadence can be slower..because the codebase is so much smaller and security is the primary focus..they do not have to spend so much time putting out vulnerability fires. Since it is BSD if you want to run wireshark you could probably install it yourself..there's nothing stopping you..but then you are breaking the base configuration of the firewall.

                            You can do a packet capture on psense and then export that data to be analyzed in wireshark. the documentation tells you how to do this:
                            https://docs.netgate.com/pfsense/en/latest/diagnostics/packetcapture/wireshark.html

                            JKnottJ 1 Reply Last reply Reply Quote 0
                            • JKnottJ Offline
                              JKnott @hescominsoon
                              last edited by JKnott

                              @hescominsoon said in Why Pfsense is free and who is mysterious benefactor we should be grateful ?:

                              yes it could..but why? That would lead to it being more insecure by default.

                              That was just to demonstrate my point that pfsense is just an interface on top of BSD and does nothing that couldn't be done by BSD alone. It would mean manually configuring all the various services, including pf, but it could be done. It's the same on Linux, where the configuration app (Yast) configures everything, including IPTables. Without that app, you could still make a good firewall, but it would take more work.

                              BTW, I go back to the days when everything on computers was done from the command line (I was working with VAX/VMS long before I ever saw PC/MS-DOS and IBM mainframes before I bought my XT clone) and when I first heard about the Mac, I wondered why anyone would need a graphical interface. ๐Ÿ˜‰

                              Putting Wireshark would take a lot more work than I'm prepared to do. I do use Packet Capture frequently and download the captures to examine with Wireshark. I can also put a managed switch, configured as a data tap in line with any connection to pfsense.

                              PfSense running on Qotom mini PC
                              i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                              UniFi AC-Lite access point

                              I haven't lost my mind. It's around here...somewhere...

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.