Where is the documentation?
-
So now all you're going to do is whine?
I think he's trying to volunteer to help update the docs.
-
So now all you're going to do is whine?
I'm not whining at all. I'm pointing out that there's a massive gap between the documentation and the product. I'd be happy to try and help close that, even if it were just a little bit, if anyone at all out there could point me to some legitimate, accurate documentation for 2.1.5.
But, if you prefer to take it as whining, maybe you'd like to fix the docs instead?
-
legitimate, accurate documentation for 2.1.5.
You know there's a book right?
It is not uncommon to charge a pretty penny for a fantastic book on an open source project. Exim is one such example. Yes, online docs exist. The book is better. pfSense is another, though the printed version will probably be cheaper than a Gold subscription. (Zero affiliation other than being a gold member, btw.)
What you're proposing is a catch22 - point me at the legitimate, accurate documentation for 2.1.5 so I can help create legitimate, accurate documentation for 2.1.5. If the documentation existed to your liking, you would have nothing to do.
I'm not whining at all.
"Further, I -have- posted looking for help and haven't gotten what I've requested."
"But I was going into Tosche Station to pick up some power converters!"
But, if you prefer to take it as whining, maybe you'd like to fix the docs instead?
I don't find them as deficient as you do. Captive Portal is not hard to configure, for example. The tone of this entire thread has left me with zero desire to help you. Maybe the threads you say you started asking all these unanswered questions had the same effect on others. Considering your litany of questions, it seems $99 for the book would be well worth the money.
-
To be fair the book is not really an option for someone experimenting with various router/firewall projects. The fact that Chris has said he is releasing the introduction and installation chapters for free should significantly address this.
Steve
-
"But I was going into Tosche Station to pick up some power converters!"
What?
Your "assistance" is exactly the sort of help I've been getting all through here. You haven't read the whole post (or you didn't bother to take the time to understand it) and you're just throwing out the same knee-jerk reaction you give to everyone know that "whines" that the docs are poor.
On line docs are good and the book is better. I'm all for that. Where's the on line docs? They're essentially non-existent for 2.1.5. The fact that everyone keeps referring to the book as "the" source for docs reconfirms this.
-
To be fair the book is not really an option for someone experimenting with various router/firewall projects. The fact that Chris has said he is releasing the introduction and installation chapters for free should significantly address this.
Steve
Steve,
This is very true. I want to understand this project before I commit to it all around. The fact that I can't accurately set up my instance of pfSense to test the things that are important to me pushes this project way down to the bottom of the list of contenders. And, the fact that I'm -still- here trying to get help should demonstrate that I really do want to try it.
-
See if any of this answers some of your questions.
https://www.youtube.com/channel/UCrLC48qoJygdQOmgzmYVKBg/videos
https://www.youtube.com/watch?v=czU56xmJAmE
http://pfsensesetup.com/web-filtering-with-squidguard-part-one/
https://www.youtube.com/watch?v=s6BDVzTcAnw
https://doc.pfsense.org/index.php/Traffic_Shaping_Guide
https://www.youtube.com/watch?v=xUnJs5XP1y0
http://pfsensesetup.com/qos-management-using-the-traffic-shaper-wizard/
http://blogs.technet.com/b/nexthop/archive/2014/04/07/configuring-pfsense-as-a-reverse-proxy-for-lync-web-services.aspx
http://pfsensesetup.com/reverse-proxy-services-with-varnish-part-one/
https://forum.pfsense.org/index.php?topic=82914.0
http://www.astiostech.com/blog/?p=100
Not complete list - I'm sure there is more.
-
Where's the on line docs? They're essentially non-existent for 2.1.5. The fact that everyone keeps referring to the book as "the" source for docs reconfirms this.
It is, after all, called "The Definitive Guide."
You have, today, the documentation you have, not the documentation you want. That is not going to change today. Certain deficiencies have been acknowledged by those in the best position to correct them. I don't know what else you want. Post a thread, ask your question. Don't use 2.1.5 in your searches, use 2.1.
-
kejianshi
Thank you for posting some links. I don't understand why there were links to POODLE discussions… ???
As far as answering questions, yes... The answer is: There are no good docs available for 2.1.5 that a new user has access to for testing purposes. I don't watch videos for help with installations, and all of the other "docs" were outdated and/or don't actually take you through the process of package installation (this is the single biggest issue I have with Squid and SquidGuard).
So, I guess it's settled for me... Back to an OpenSUSE build with manual installation and configuration of all of the packages. It will take me longer, but it's 100% rock solid and is something that I've been doing for almost a decade. So, I won't be learning a new system after all.
-
Poodle - because poodle is an ssl3 issue and the cure is to use tls?
-
I'm sorry things turned out like this for you.
I have a feeling that much of this (and no doubt similar experiences other have) is down to managing expectations. pfSense has a very wide user base. It is used by networking noobs as well as seasoned firewall professionals. It can be used in place of the cheapest SOHO router or an incredibly expensive commercial firewall product. Depending where you are coming from on that spectrum your expectations are going to vary massively. Personally I came from Smoothwall via IPCop and don't remember having much difficulty getting pfSense going or struggling to find the documentation to do so. Of course as I said earlier it's hard to remember not knowing something after you become sufficiently familiar with it. ;)I don't think anyone here would disagree that improving/updating the docs would be a good thing.
Steve
-
Enjoy the linux release.
-
Maybe instead of selling a book to understand how to use the product, certain features should be licensed. Software license revenue is repeating, item sales are singular. Personally, I'm unlikely to buy a book in order to use a product when there are plenty of competing products that don't require me to buy a book.
Yeah, we could, say, go the Cisco route. With the big bucks you pay for Cisco ASAs, surely they make flawless, perfectly comprehensive documentation available, right? No one would even bother writing or buying a book about a Cisco ASA, right?
Go search Amazon books for Cisco ASA. 122 books matching Cisco ASA. Into double digits recent books where the ASA is the primary topic. Oh…maybe not such a brilliant plan.
Show me one comparable solution that's free and has better documentation freely available. AFAIK, there isn't one. We have a good deal of up-to-date information available, and a whole lot more that's a bit dated but still easy to follow and correct on 2.2 today. You're paying somewhere.
I have 20 years of experience with Linux and Unix systems of all kinds. I'm not terribly interested in "reverse engineering" the processes that are used in pfSense so that I can understand how to locate configuration files, control scripts / daemons, logs, and the like. If I can't quickly find the information on line of things like how to install and configure a package like squidguard, I'll move on to the next product out there.
I don't get what's so difficult - we're extremely widely used because you don't need to "reverse engineer" or "forward engineer" all the intricacies of the underlying components. The system is largely self-documented with descriptive text on every page of the web interface. Anyone with experience with commercial-grade firewalls tends to pick things up quickly. Those who haven't dealt with anything more complex than a Linksys have a learning curve, but that'd be true regardless of what comparable-grade product you threw in front of them.
If you know enough to manually configure these things, you can surely figure out the web interface. Any question you might have has almost certainly been asked and answered before, likely several times - there are over 437,000 posts here today. Google site:forum.pfsense.org or site:pfsense.org to catch all our sites.
-
Dude was an iptables troll, dare I say dick. I've been watching for the last couple days and I have seen a few questions answered with links into the doc wiki. No, they weren't current with 2.1.5 but were more than enough information to get the config correct.
Nothing could get me to migrate from pf to iptables. Nothing.
-
-
Derelict - Not necessarily. Some people, even with a fully complete manual in hand or a set of instructions just can't get things working.
Maybe he is like that?
Let him enjoy his SUSE Firewall/UTM (If there is such a thing)
-
The doc wiki does need some updating but anyone who claims it lacks categorization or lacks in size is definitely trolling.
https://doc.pfsense.org/index.php/Special:Categories
98(!) different categories that can be used to lookup docs, and 490 different articles in total.
We are working to update much of the old stuff and add in some new things, but the book will always be the preferred reference. Some things lend themselves better to a book style, others lend themselves better to a wiki style. The two will always complement each other.
Some recent big updates:
https://doc.pfsense.org/index.php/VPN_Capability_OpenVPN - OpenVPN Remote Access How-To updated for 2.1.x
https://doc.pfsense.org/index.php/Writing_Disk_Images - A complete rewrite of the instructions for writing disk images (e.g. memstick and NanoBSD)
https://doc.pfsense.org/index.php/Low_Throughput_Troubleshooting - An entirely new article on troubleshooting slow connections
https://doc.pfsense.org/index.php/Asymmetric_Routing_and_Firewall_Rules - A new article expanding info on dealing with asymmetric routing
https://doc.pfsense.org/index.php/Forcing_Interface_Speed_or_Duplex_Settings - Removing cruft from 1.2.x and bringing the info current
https://doc.pfsense.org/index.php/Filter_Log_Format_for_pfSense_2.2 - A doc detailing the precise format of the raw firewall log on 2.2And that's just a few of ones that I've created or updated in the last month, not counting all the updates by cmb plus a few community contributors.
-
Dude was an iptables troll, dare I say dick.
I disagree. If you look at his other posts he made useful contributions to other threads. He expected a high level of documentation and for whatever reason he didn't find what he was looking for.
Steve
-
I disagree. If you look at his other posts he made useful contributions to other threads. He expected a high level of documentation and for whatever reason he didn't find what he was looking for.
Steve
With all due respect, I concur with Derelict. In this particular topic, he was being a dick.
He states he's been doing this for 20 years, but he can't figure out the basics of installation and use without pristine docs? Then he whines because no one held his hand configuring a bunch of advanced stuff? Wants to do squid, squidguard with custom blacklists, captive portal, qos for voip, reverse proxy etc, but can't buy the book or take the time to learn? I suppose if I went to the opensuse site there would be a step by step walkthrough showing me how to do all of that stuff with the current version…
Sorry for the rant, but the guys attitude rubbed me the wrong way. -
derelict and dotdash can both go get over themselves. I was not being a troll or attempting to "be a dick". Well, at least not dotdash - derelict deserved the comment I made directly to him. Sorry that the two of you have less than stellar capabilities of understanding how to deal with the public and with potential customers.
The pfSense documentation is sorely lacking for 2.1.5. Period. I have raised up numerous times a couple of issues that I encountered with things like understanding dependencies for packages, uninstallation of packages failing with no way to seemingly correct it, and a got zero information from everyone that just keeps touting how "98 categories" of areas to look in the docs is supposed to be the end-all, be-all of documentation.
I am NOT familiar with BSD in any of its forms directly. I don't know the package model, I don't know if the filesystem follows LSB, I don't know who creates or maintains the individual packages, whether THEY conform to LSB, and there is NO DOCUMENTATION to take a new user through the full installation and configuration of the product.
Could I reverse engineer it at the file level? Sure. Will it take me a lot of time? Yep. See comments above.
The problem is that I've been snake-bitten plenty of times before by managing things directly at the file level and then having that break the web interface controls. Clearly, a lot of time has gone into the admin interface to abstract things away from what's going on under the hood. If I start rooting around down at the file level, my gut tells me I'm going to break the web interface controls for at least one particular item, and that defeats the purpose of looking for a product that has a great web interface.
With regard to the Cisco example: You apparently missed comments that I have made where I directly stated that having good online docs and a book that's even better is something I would be all for. I used some really good on line documents a long time ago to get my postfix mail servers configured exactly the way that I wanted them. Then, I went out and learned a ton more from one of the great books that was available.
Yeah… You've got a great community here. On top of having little in the way of documentation for the current version of the product, plenty of people to tell a potential user that they don't know what they're talking about, don't have a clue, and then start calling them names. Kudos to not just the members, but the admins that allow (and dare I say even encourage?) this sort of behavior.