![]() ![]() ^ "Releases - Versions of pfSense and FreeBSD".In June 2021, the official package repositories for both pfSense CE 2.5.2 and pfSense Plus 21.05 included the WireGuard package. Donenfeld that was originally sponsored by Netgate. The WireGuard package for pfSense incorporates the ongoing kernel-mode WireGuard development work by Jason A. ![]() In May 2021, WireGuard support was re-introduced back into pfSense CE and pfSense Plus development snapshots as an experimental package written by a member of the pfSense community, Christian McDonald. WireGuard founder Jason Donenfeld reviewed the code only to find glaring issues including “random sleeps added to ‘fix’ race conditions, validation functions that just returned true, catastrophic cryptographic vulnerabilities, whole parts of the protocol unimplemented, kernel panics, security bypasses, overflows, random printf statements deep in crypto code, the most spectacular buffer overflows, and the whole litany of awful things.” These discoveries prompted FreeBSD and later pfSense to remove WireGuard support. By February 2021, the module was included in pfSense CE 2.5.0, pfSense Plus 21.02, and scheduled for release in FreeBSD 13.0. In February 2020, a developer directly sponsored by Netgate started to commit code for a WireGuard kernel module to FreeBSD. In November 2017, a World Intellectual Property Organization panel found Netgate, the copyright holder of pfSense, utilized OPNsense' trademarks in bad faith to discredit OPNsense, and obligated Netgate to transfer ownership of a domain name to Deciso. It can also be installed on embedded hardware using Compact Flash or SD cards, or as a virtual machine. pfSense can be installed on hardware with an x86-64 processor architecture. Notable functions of pfSense include traffic shaping, VPNs using IPsec or PPTP, captive portal, stateful firewall, network address translation, 802.1q support for VLANs, and dynamic DNS. The July 2021 release of pfSense CE 2.5.2 version re-included WireGuard. In February 2021, feature updates of pfSense CE 2.5.0 and pfSense Plus 21.02 included a kernel WireGuard implementation, however, following reported issues in the code by WireGuard founder Jason Donenfeld, it was discontinued in March 2021. The name derives from the fact that the software uses the packet-filtering tool, PF. The pfSense project began in 2004 as a fork of the m0n0wall project by Chris Buechler and Scott Ullrich. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |