A new version of the distribution has been released to create the pfSense 2.1 firewall.

September 15, 2013, after two years of development, the distribution release for creating firewalls and pfSense 2.1 network gateways is presented. The distribution is based on the FreeBSD 8.3 codebase, using the m0n0wall project and actively using pf and ALTQ. There are many images available for download for the i386 and amd64 architecture, ranging in size from 80 to 180 MB, including a LiveCD and images for uploading directly to Compact Flash's of various sizes (512, 1GB, 2GB, 4GB).

The distribution is managed both via a web interface and via ssh / telnet / serial port. I will not long list all the features of pfSense, since whole books have been written about it. I propose instead just a glimpse of some screenshots of the web interface:


pfSense has the largest community among free opensource systems for creating software routers, and work on updates is ongoing. The official forum has a Russian branch.

The main innovations in version 2.1:

• IPv6 support: IPv6 configuration is now possible in most sections of the web interface. Including, IPv6 is available in the firewall, routing, CARP, DHCP, tunneling, VPN, DNS, PPPoE, etc. configuration sections.
• Support for installing add-ons designed in the form of packages in the PBI format used by the PC-BSD project;
• Support for RIP (routed), OLSRD and Unbound is allocated in separate packages;
• Transition to FreeBSD 8.3 code base, Atheros, OpenSSL 1.0.1e, PHP 5.3.x, OpenVPN 2.3.x driver update;
• Redesigned web-based management interface, which is translated from the Prototype JavaScript library to jQuery. Improved navigation and display of the status of services, added multilingualism, expanded the use of AJAX to update the information without reloading the page;
• The ability to create users for access to the interface with a restriction only read;
• Captive Portal features are enhanced (organization of user logon to the network through authentication on a special web page). Added support for using a single Captive Portal for different services and the ability to authenticate through different RADIUS servers (one for users, the other for logging into the cards). The ability to create users with access privileges only to the Captive Portal;
• Optional installation support using only a RAM disk for the / var and / tmp partitions, minimizing write operations to the underlying media;
• Multi-WAN support (switching to a spare link in case of primary failure) for DynDNS, IPsec and OpenVPN;
• Enhanced IPsec, OpenVPN, DHCP, NAT, packet filter, CARP;
• Increased flexibility to work with logs. Different types of logs (system, routing, rezolving, etc.) are divided into separate tabs. The packet filter log can be filtered by various criteria and sorted by any column.

Full list of innovations and changes.
PfSense blog entry .
Russian forum thread.
A list of major innovations taken from opennet.

ps If someone is interested in translations of books on pfSense ( Definitive Guide to pfSense and pfSense 2 Cookbook ) ask - I will help with a link.