PfSense 2.0 fork of FreeBSD for creating firewalls

After 3 years of development, a release of a mini-distribution kit is available for creating firewalls and pfSense 2.0 network gateways, in which almost all subsystems have been revised and improved. The distribution is based on the FreeBSD 8.1 codebase using the m0n0wall project and active use of pf and ALTQ. Several images are available for download for i386 and amd64 architectures ranging in size from 100 to 150 MB, including a Live CD and an image for installation on USB Flash.

Management is done through a web interface. Captive Portal, NAT, VPN (IPSec, OpenVPN and PPTP) and PPPoE can be used to organize users' output in the wired and wireless networks. A wide range of capabilities for limiting bandwidth, limiting the number of simultaneous connections and filtering traffic is supported. Statistics of work is displayed in the form of graphs or in tabular form. Authorization is supported by a local user database, as well as via RADIUS and LDAP.

Key innovations:
')

• Support for GRE and GIF tunnels;
• Support for 3G and DialUP connections, as well as Multi-Link PPP (MLPPP);
• LAGG interface support;
• Support for combining interfaces into groups;
• QinQ VLAN;
• Extended diagnostic criteria for the status of compounds;
• Most of the limitations of MultiWAN configurations have been fixed; complex backup scenarios are supported;
• Many improvements to the web interface, added a summary screen, support for widgets, the ability to customize the sending of notifications, context-sensitive help;
• The interface has been reworked and significantly expanded to customize the work as a network gateway;
• Support for nested alias, support for auto-completion of the name of alias-s when typing, the ability to set address ranges in alias-ah, functions for importing a list of alias-s, support for Aliases URL;
• The traffic restriction system was rewritten - any MultiLAN and MultiWAN configurations are supported correctly, a new configuration wizard has been added;
• Supports Layer7 filtering;
• Many improvements in the operation and configuration of NAT;
• Added certificate manager for IPSec / OpenVPN;
• Improved support for OpenVPN, enabled the ability to create archives containing OpenVPN and configuration, displays the status of connections with the ability to force disconnect clients, added support for RADIUS and LDAP authorization;
• EasyRule mode, in which you can add filtering rules when viewing the log;
• New user management interface. Ability to set various access restrictions for individual users;
• The implementation of TFTP proxy and IGMP proxy;
• L2TP VPN support;
• Tools for visual monitoring of the system based on PFTop and Top;
• The ability to simultaneously use multiple accounts for Dynamic DNS to update names for different interfaces. Support for 15 different Dynamic DNS services;
• Captive Portal features are enhanced (organization of user logon to the network through authentication on a special web page);
• The ability to view differences when viewing the configuration change history. Support for installing filters when viewing logs;
• Extended support for wireless cards, added new devices and support for a virtual access point (VAP).

Pfsense blog entry blog.pfsense.org/?p=598
Russian forum thread forum.pfsense.org/index.php/board , 9.0.html
News description taken from opennet www.opennet.ru/opennews/art.shtml?num=31779