PfSense: Difference between revisions
Added PF wiki & external link. |
MisterTroy (talk | contribs) →Packages: BandwidthD package |
||
| Line 16: | Line 16: | ||
The [[software package|packaging feature]] of pfSense includes the following additional [[software]]. |
The [[software package|packaging feature]] of pfSense includes the following additional [[software]]. |
||
* BandwidthD - Used for tracking & graphing bandwidth usage for individual LAN IP's. |
|||
* ifdepd - Used for building interface dependencies |
* ifdepd - Used for building interface dependencies |
||
* ifstated - Adds interval based connection checking |
* ifstated - Adds interval based connection checking |
||
| Line 35: | Line 36: | ||
* netio - Add additional [[bandwidth]] measuring capacity |
* netio - Add additional [[bandwidth]] measuring capacity |
||
* nut - Adds support for UPS monitoring |
* nut - Adds support for UPS monitoring |
||
* [[Snort_%28software%29|snort]] - Adds Intrusion Detection capabilities |
* [[Snort_%28software%29|snort]] - Adds Intrusion Detection capabilities |
||
==See also== |
==See also== |
||
Revision as of 16:30, 19 February 2007
pfSense is a FreeBSD based (firewall) operating system derived from m0n0wall, which, as the name implies, uses the pf packet filter from OpenBSD. Its goals differ from those of m0n0wall in that pfSense attempts to provide a heavy, feature rich routing platform. On October 13, 2006 at 13:13:13, pfSense version 1.0-RELEASE was released[1].
Additional Features
pfSense provides a number of features not present in m0n0wall at the cost of increased memory and hard disk usage. This includes the ability to provide for multiple WAN connections, with load balancing, such that one user can effectively utilize several connections to the internet at the same time. pfSense also provides a Captive Portal feature which allows a user to limit connections to their server based on user login in a manner similar to those utilized by Internet Cafes. A user could conceivably be billed by the hour for internet access using this method.
- PPPoE Server
- ALTQ Traffic Shaping
- Common Address Redundancy Protocol support
- Multiple WAN support
- FTP-proxy
- Package system
Packages
The packaging feature of pfSense includes the following additional software.
- BandwidthD - Used for tracking & graphing bandwidth usage for individual LAN IP's.
- ifdepd - Used for building interface dependencies
- ifstated - Adds interval based connection checking
- pfflowd - Used for converting PF status messages to Cisco Netflow Datagrams
- PFStat - Adds additional graphing functionality
- Ntop - Adds the ability to record enhanced network history data
- Stunnel - Adds the ability to wrap standard ports with SSL
- Pure-FTPd - Adds the ability to host FTP files
- Squid Transparent Proxy- An all purpose caching proxy (currently not working but being fixed)
- arpwatch - Used for watching ethernet and ip address pairings
- assp - An anti-spam proxy
- doorman - Adds the ability to port knocking for temporarily opening ports
- FreeRADIUS - A RADIUS authentication server
- mtr - An enhanced traceroute function
- nmap - A port scanner for security auditing
- siproxd - A proxy with masquerading for the SIP-protocol
- spamd - A fake SMTP-Server used as a spam tarpit
- iperf - Add additional bandwidth measuring capacity
- netio - Add additional bandwidth measuring capacity
- nut - Adds support for UPS monitoring
- snort - Adds Intrusion Detection capabilities