2.0 features



  • I was looking for a page on new features that will be added or a requested feature today without luck.  I was wondering what will be new in 2.0 once all said and done or if its just an OS and old feature update to get some of the things that didn't work so well %100.  I apologize if there is a similar post out there.  If there isn't such a post, I'll start one here.

    Two features I would like to see are:
    ClamAV
    Bridging (An option that would make multiple interfaces work like a switch for multiple onboard LAN ports.  However, i would be happy with a functional bridge that doesn't crash on reboot.)

    -V



  • Don't know how updated it is http://devwiki.pfsense.org/v20Todo
    ClamAV is GPL so it has to be a package.



  • 1.2.x are bug fix releases for any problems found with existing functionality. Bridging with multiple interfaces acting the same as a switch has worked since 1.2.2.

    Antivirus has been discussed at length, it just isn't effective in any usage today and it's ugly to run on a firewall (you don't get what you think you're getting), search the forum for more discussion. Not saying it won't ever happen, but it's not a priority because it's not what it's cracked up to be.



  • Are IKEv2 and MobIKE going to be part of 2.0?

    Ronald



  • @rcfa:

    Are IKEv2 and MobIKE going to be part of 2.0?

    Not sure.  We have a number of IPsec improvements added already, but I don't know if either of those will make it.



  • @cmb:

    @rcfa:

    Are IKEv2 and MobIKE going to be part of 2.0?

    Not sure.  We have a number of IPsec improvements added already, but I don't know if either of those will make it.

    Is this something though that's in the pipeline for the 2.x branch, or something that is likely not going to show up until 3.x or similar major release? Or in other words, is it something that can be done with add-ons to the existing infrastructure, or is it something that would require the replacement of a major component? (I know some Linux based projects e.g. would have to switch from OpenSWAN to StrongSWAN to do so, and thus losing and gaining different features, making this a less than desirable step from their point of view, because it breaks backwards compatibility in terms of available features)

    Ronald



  • racoon can not do IKEv2, but I believe people have reported success with the Nokia 5800 on the ipsec-devel list.



  • @databeestje:

    racoon can not do IKEv2, but I believe people have reported success with the Nokia 5800 on the ipsec-devel list.

    I was more thinking racoon2:
    http://www.racoon2.wide.ad.jp/w/

    Ronald


Locked