Experimentation subforum for pfSense



  • I was interested in potentially experimenting with Wireguard on a non-production VM using PFSense as a platform; so this post was indeed handy for me (though it's well into the realm of "experimental").

    It appears from the replies that a major concern is that discussion about experimentation being done in a subforum such as "DHCP and DNS" may potentially lead someone to mistakenly implement it in production (and you DO NOT want to experiment in production). Thus discussions of experiments might make more sense in the "Development" subforum; though that too doesn't seem quite fitting and would distract from development discussion relating to actual roadmap/supported topics.

    An "Experimentation" subforum with a description such as "Discussions about unsupported and unstable configurations for non-production experimentation" would allow for people who are interested in experimentation to do so and minimize the potential confusion that might cause someone to think it's safe to implement. Perhaps add a stickied post reminding people that every feature enabled on their firewall increases their attack surface so it might not be advisable to have the feature at all in pfSense (for instance running Doom on a firewall is possible but ill advised and indeed shouldn't ever make it to an official package).

    This seems preferable to halting all discussion of experimentation since if it weren't for people experimenting on pfSense we might not have some of the packages/features that we currently enjoy. Then we can have a place where experimentation can be discussed without such harsh responses in a place where it's understood to be experimental.


  • Rebel Alliance Developer Netgate

    That's the very definition of "Development", though. :-)

    I don't see that kind of category having enough traffic to interfere or warrant isolation, so just use "Development" for that.


Log in to reply