In the beginning was the command line..

(Very) Easy to use FreeBSD Firewall

, posted: 13-Jul-2006 21:44

I have never been majorly impressed by embedded/appliance firewalls (not even Makos) until recently, when I discovered pfsense, a totally free FreeBSD distribution specifically designed for said purpose.

It's forte is a web-based administration interface which will let you manage port forwarding, firewall rules, traffic shaping, logging, graphs, DHCP, VLANs, multi-homing, multiple IPs per interface and etc with stupefying ease. This free firewall is surely better than many a commercial firewall.

It runs from CD or hard disk (or other embedded memory) but I wouldn't run it from CD because theres too many moving parts in a CD drive that might fail. To install it you will need a PC with at least 2 network cards, a >64Mb hard disk, CD drive and some respect for command line interfaces ie being able to read and follow on-screen instructions =)

Download and burn the LiveCD then boot it in your new firewall. The initial configuration will ask you to 'assign interfaces' this means refering an interface name to each of your network cards.

It's quite easy to do it the automatic way, unplug any network cables from the NICs and press a. The first one it will try and detect will be your WAN/Internet interface, plug the network cable into the NIC you wish to be used for this and press enter. Repeat this process for your LAN and any other interfaces as required.

After that you should be at the menu. Here, press 99 enter and you will be taken through a wizard-like setup programme that partitions, formats and installs pfsense to your hard disk.

Other related posts:
Sound the alarm: ACTA negotiations delayed
I'm not protesting S92a
watch Al Jazeera on XBMC

Comment by juha, on 14-Jul-2006 18:32

FreeBSD++ but you need to credit the OpenBSD team for developing the most excellent pf packetfilter. It's by far the easiest and most flexible IP traffic management system that I've used. pfSense looks very good.

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and placed in the moderation queue for the blog owner's approval.

Your name:

Your e-mail:

Your webpage:

barf's profile

Stuart MacIntosh
New Zealand

Hello world.