pfSense is a custom FreeBSD distribution adapted for use as a Firewall and Router.
The release of the new version of pfSense 2.7.0 was recently announced, in which the migration of the system base to the most recent version of FreeBSD, which is v14, has been carried out, improvements, corrections and more have been implemented.
For those who are unaware of pfSense should know that this is a custom FreeBSD distributionwhich is adapted for use as Firewall and Router. It is characterized by being open source, it can be installed on a wide variety of computers and it also has a simple web interface for its configuration.
pfSense makes use of developments from the m0n0wall project and active use of pf and ALTQ. The distribution is managed through the web interface.
Captive Portal, NAT, VPN (IPsec, OpenVPN), and PPPoE can be used to organize user access on a wired and wireless network. A wide range of capabilities are supported to limit bandwidth, limit the number of simultaneous connections, filter traffic, and create CARP-based fault-tolerant configurations.
Main new features of pfSense 2.7.0
In this new version that comes from pfSense 2.7.0 the system base has been updated to FreeBSD 14-CURRENT (while the last version of pfSense used the FreeBSD 12 branch), on the change of the base, it is mentioned that it was changed to use the current branch in development instead of stable versions, since the CURRENT version implements the most recent changes to pfSense.
Another of the changes that stands out in this new version of pfSense is thatl Added support for ChaCha20-Poly1305 to IPsec, while for the part of the features that are left out, it is mentioned that support for 3DES, Blowfish, CAST 128, MD5 HMAC algorithms has been removed.
In addition, it is mentioned that the captive portal implementations and traffic limiters were changed to use the packet filter pf instead of ipfw, which made it possible to use new pf features, improve performance and improve captive portal stability by removing double packet processing in pf (used by default in pfSense) and ipfw.
It is also highlighted that usability in the interface to configure NAT and firewall rules was improved, as well as buttons to change the state of several rules at the same time and to copy rules to other interfaces.
On the other hand, it is mentioned that this release includes new ZFS features that may not be compatible with older boot loaders. These features are not enabled by default when upgrading to avoid potential issues with older bootloaders. For this reason, it is recommended that you reinstall the operating system from the current installation media, as this allows you to have the most recent boot and ZFS feature set.
Of the other changes that stand out from this new version:
- Resolved internet connection issues with multiple game consoles when using UPnP.
- Added new options for automatic and manual reset of firewall status.
- OpenVPN has been updated to version 2.6.4.
- PHP was updated to version 8.2.6 (previously the 7.4 branch was used).
- Fixed issues with unbound DNS server crash.
- A new web interface has been added to manage packet capture and traffic analysis.
- Added support for redirecting broadcast UDP packets between networks.
- Deprecated OpenVPN Shared Key Tunnels: Still works, but will trigger warnings in logs and GUI.
- New packet capture GUI
- UDP broadcast relay packet
Finally if you are interested in knowing more in this regard, you can consult the details in the following link
Download and get pfSense
For those who are interested in being able to download and install or be able to try this system, they can obtain the image of it, from your website and in its download section you can find the links to download the system image.
In the download section we can find several images for the amd64 architecture, 472MB. The image for usb can be saved with Etcher which is a multiplatform tool or in the case of Windows you can save the image with the help of Rufus, while from Linux we can use the dd command from the terminal.