Suggestion for pfsense 2.0



  • Hi im new in pfSense. I was using Star-OS from Valemount but because of they just dont care of server support (only focusing on router), then im moving here. I tried pfSense 1.2.3 and 2.0RC1. Both great stability but have some lacks:

    1. U can search at every forums, 95% of the ppl using pfSense will use Proxy Server. So i think, better put Squid in Installer instead of making it an option at package. Because alot of ppl just like me, have slow internet connection, and if we have to download Squid for everytime we do re-install, that will cost alot of time n bandwidth. Well u can see too that alot of ppl who use pfSense for SOHO just to make lower bandwidth usage by proxy server. So, if the squid is an optional package n we have to download it, will takes over 30mb n takes longggggggggg time to download with slow internet connection.

    2. Star-OS can do multiple stage bandwidth management such as:
    WAN: 10mbps

    qshape clients 1001:1040 bw  224k  64k 192.168.0.1  on ether6
    it limit every connection from IP 1-40 at the same quota (upload 64k, download 224k)

    qshape masters 1041:1050 bw  512k 128k 192.168.0.41 on ether6
    it limit every connection from IP 41-50 at the same quota (upload 128k. download 512k)

    pipe 100 bw 256k  # upload speed
    pipe 150 bw 1024k # download speed
    shape tcp to pipe 100 from any to any 80 out via ether1 # upload
    shape tcp to pipe 150 from any 80 to any in via ether1  # download
    it shape port 80 (HTTP) connection to 1024k download and 256k upload
    So eg, if all 40 ppl downloading at the same time, they will get maximum total 1024kbps (no matter if the WAN side have 10mbps download).
    So i can tell if there's 9mbps spared for any other applications that use any other ports else than HTTP.

    pipe 200 bw 838860k # upload local
    pipe 250 bw 838860k # download local
    shape tcp to pipe 200 from any to any 80 in via ether6  # upload
    shape tcp to pipe 250 from any 80 to any out via ether6 # download
    it shape from proxy to clients to 100mbps download and 100mbps upload (bypass)
    So eg, if i do download a file, i will get 1mbps download. but when the file already in cache, when i do download again, i will get 100mbps bypassed from cache to client.

    With that states, i can play game at no lag while downloading coz my downloading running thru PIPING and my game running thru SHAPING.

    I think there's 2 of your OS lacks. The other things are GREAT!
    That's all the input for pfSense team. Thanks.



  • 1. U can search at every forums, 95% of the ppl using pfSense will use Proxy Server. So i think, better put Squid in Installer instead of making it an option at package. Because alot of ppl just like me, have slow internet connection, and if we have to download Squid for everytime we do re-install, that will cost alot of time n bandwidth. Well u can see too that alot of ppl who use pfSense for SOHO just to make lower bandwidth usage by proxy server. So, if the squid is an optional package n we have to download it, will takes over 30mb n takes longggggggggg time to download with slow internet connection.

    I think what your seeing is 95% of people who post about it…  Personally I nor anyone I personally know using pfsense use any kind of proxy and do not wish to.

    So my 2 cents- my vote would be no here. It would make the installer that much bigger and make install/upgrade time that much longer...


  • Banned

    Yes pls…No squid for me either.


  • Rebel Alliance Developer Netgate

    It is highly unlikely that squid would ever be in the base system. It is by far the most popular package, but I wouldn't go so far as to say the majority of installations have squid running.

    The bandwidth limits you describe are already in 2.0, they're called limiters.


Locked