The latest version of this PfSense firewall can be downloaded from Softpedia

Apr 7, 2014 06:32 GMT  ·  By

PfSense 2.1.1, a free, open source customized distribution of FreeBSD tailored for use as a firewall and router, has been released and is now available for download.

The developers of PfSense are making the best out of every release and implement all kinds of interesting changes. Most other distros would have a couple of changes for such a small increment in the version number, but the latest update to PfSense seems like an entirely new OS.

Many of you might not have heard PfSense before because it's not a widely publicized distribution. It's actually a free network firewall distribution based on the FreeBSD, but it uses a custom kernel and some pretty interesting applications.

The developers of PfSense are also saying that their distro has been successful in replacing a number of commercial firewalls such as Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astar, and others.

“pfSense software includes a web interface for the configuration of all included components. Unlike some similar GNU/Linux-based firewall distributions, there is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets.”

“In fact, the majority of pfSense users have never installed or used a stock FreeBSD system. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls,” say the developers of PfSense on the website.

PfSense 2.1.1 comes with a ton of changes and improvements. For example, HTTPS is now being used to get updates, escapeshellarg() calls have been added on more exec parameters, some exec() calls have been replaced by PHP functions like symlink, copy, unlink, and so on, HTTPS is now being used to parse pfsense.org URLs, the output to the browser is now being protected by using htmlspecialchars, the checks for params “id” “dup,” and other similar ones have been improved, and special characters that can lead to shell/XSS compromises from submitted input when installing packages have been removed.

Also, HTTPS is now also being used to fetch packages, an ifconfig error has been fixed, the CIDR choices for IPv4 have been limited on the GRE interface, a dynamic gateway has been provided for GIF and GRE v6 tunnels, and an issue that changed the wrong gateway entry when items were hidden has been fixed.

More details about this distribution are available in the official announcement. You can download PfSense 2.1.1 right now from Softpedia.