Netgate removed all mention of pfSense from their website + Major Regressions in pfSense 2.5 and newer

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

jjacobs

Member
Dec 25, 2020
74
32
18
CO
i think I'm limited to one of the *sense since i am using wpa_supplicant for ATT Router replacement. Currently I am on PFSense 2.4 and using it as head FW, for my home network, i pass a static ip down to Sophos UTM and use it for additional protection. PFsense only acts as a router for ATT and internet access for my IOT devices where i dont want to block them from rules i run in Sophos and dont want them knowing about rest of the network. for VPN im using Sophos SSL vpn, since i only need it for few occasions im out of the house and want to check on network etc.

I did not see Vyos supporting wpa_supplicant, at lease from googling.
Maybe this:

 

Vesalius

Active Member
Nov 25, 2019
252
190
43
i think I'm limited to one of the *sense since i am using wpa_supplicant for ATT Router replacement. Currently I am on PFSense 2.4 and using it as head FW, for my home network, i pass a static ip down to Sophos UTM and use it for additional protection. PFsense only acts as a router for ATT and internet access for my IOT devices where i dont want to block them from rules i run in Sophos and dont want them knowing about rest of the network. for VPN im using Sophos SSL vpn, since i only need it for few occasions im out of the house and want to check on network etc.

I did not see Vyos supporting wpa_supplicant, at lease from googling.
You could always run your router as a vm and let proxmox do the AT&T bypass to use with any router VM or try the below for vyos on bare Metal or from inside the vyos vm. The below is easier and more straight forward than any netgraph/*sense work around. Linux handles it better.

 
Last edited:

zer0sum

Well-Known Member
Mar 8, 2013
849
473
63
what you would recommend then for running in VM? i'm running my instance for OpenVPN only..
I run virtualized firewalls a LOT, and I switched from pfsense to opnsense a long time ago and have not looked back once!

Every now and again I'll try a lot of different open source and paid firewalls and OPNsense is pretty hard to beat :D
 

Layla

Game Engine Developer
Jun 21, 2016
215
177
43
40
For reference, I posted on this issue 23 days ago, and there's literally been zero feedback on it, and their GitLab link is dead. It just seems like they do not support or care about the open source version anymore (and moreover, if you can't access the source code, it's open source anymore, is it)?
I thought I'd pasted the issue link. This is the issue link that's now sitting 28 days since I posted, and 2 months since it was opened:
Feature #11750: qlnxe kernel module missing in 2.5.0 - pfSense - pfSense bugtracker
 

sth

Active Member
Oct 29, 2015
379
91
28
I dont think its true to say they dont care about open source anymore, my understanding is they've committed to maintain the open source version going forwards although new features are likely to be only available through their more restrictively licences plus product. I'm assuming they've done this to stop competitors easily migrating their high value investments into their competitive products. Although your ticket hasn't been responded to, I'd give them some time, the 2.5/plus launch hasn't really ben smooth sailing so I expect they are solving those challenges with paying clients first.
There has been a lot of back and forth on Netgates open source policies previously, I recall that the tools needed to build the code weren't available so even with the source, it wasn't (easily?) possible for an end user to compile their own version.
If being open source is critical to the end user, I guess their choices now is to remain on the less featured train, or jump to another solution such as opnSense or VyOS.
Interesting times for SOHO firewalls for sure.
 

PigLover

Moderator
Jan 26, 2011
3,184
1,545
113
I thought I'd pasted the issue link. This is the issue link that's now sitting 28 days since I posted, and 2 months since it was opened:
Feature #11750: qlnxe kernel module missing in 2.5.0 - pfSense - pfSense bugtracker
One of the beauties of Open Source is that you don't just have to "open a ticket (issue)" and wait for them to get around to fixing it. Since this one is pretty simple - adding support for an exiting kernel module - have you considered being a being a part of the community and submitting the pull request to fix it? I know becoming part of the solution is harder than just complaining but really - this one is pretty trivial.
 

Layla

Game Engine Developer
Jun 21, 2016
215
177
43
40
One of the beauties of Open Source is that you don't just have to "open a ticket (issue)" and wait for them to get around to fixing it. Since this one is pretty simple - adding support for an exiting kernel module - have you considered being a being a part of the community and submitting the pull request to fix it? I know becoming part of the solution is harder than just complaining but really - this one is pretty trivial.
That was a pretty presumptuous, preachy and ... comment. Thanks for mansplaining open source to me.

I contribute to open source regularly.

As I stated in my op when I created this thread, their GitLab link is broken, and when I went to look for the source code on their website, there were no links whatsoever to the pfSense source code from the negate.com website.

No, I'm not going to bother contributing to a project which is obviously so hostile to open source that they hide the source code away from their company website and paste broken links on their bug tracker, and don't communicate with their users. I have better things to do with my time than write PRs which will probably never be reviewed or merged.
 

Layla

Game Engine Developer
Jun 21, 2016
215
177
43
40
More info on reddit about pfSense 2.5/2.5.1 issues/regressions vs. 2.4.5: Should I migrate from 2.4.5 to 2.5.1 : PFSENSE (reddit.com)

Basically Netgate broke a bunch of stuff in 2.5/2.5.1, and hasn't fixed any of it. 2.4.5 seems to be the last version that functioned/performed properly, and it's likely advisable to not upgrade unless you don't use these features and need something specifically fixed in the newer versions.

And Netgate has pulled 2.4.5 ISOs completely from their website. The ISOs and SHAs are all gone.

 
Last edited:

Layla

Game Engine Developer
Jun 21, 2016
215
177
43
40
More info on reddit about pfSense 2.5/2.5.1 issues/regressions vs. 2.4.5: Should I migrate from 2.4.5 to 2.5.1 : PFSENSE (reddit.com)

Basically Netgate broke a bunch of stuff in 2.5/2.5.1, and hasn't fixed any of it. 2.4.5 seems to be the last version that functioned/performed properly, and it's likely advisable to not upgrade unless you don't use these features and need something specifically fixed in the newer versions.

And Netgate has pulled 2.4.5 ISOs completely from their website. The ISOs and SHAs are all gone.

Old pfSense versions from a mirror:
Index of /pfsense/ (dsu.edu)

Check/verify the hashes (while still possible):
Index of /hashes/ (pfsense.org)

SHA256 (pfSense-CE-2.4.5-RELEASE-p1-amd64.iso.gz) = 0a09a7748419c86c665eb8d908f584e96d54859aa13f4eeb175a60548c70e228
SHA256 (pfSense-CE-2.4.5-RELEASE-amd64.iso.gz) = fda93684669ad0b2b9e314a53d5c7272076484a6b714d60d5e06f14e1c7ce049
 

vudu

Member
Dec 30, 2017
62
22
8
63
I'm with Layla on this one. Having used PFSense since Monowall , I'm a little disappointed. And without knowing the details and following the machination closely, looks to me like another case corporate greed built on open source.
 

Vesalius

Active Member
Nov 25, 2019
252
190
43
Yeah, Netgate has quickly orphaned 2.5.* and has moved on to 2.6 development from what I have inferred from comments on Reddit from their employees. Purportedly 2.6 will happen pretty quickly based on their comments, but that is only words and does nothing to mitigate recent and past actions on their part even in the unlikley event they follow through.
 

TXAG26

Active Member
Aug 2, 2016
397
120
43
I think there's likely a lot of heavy lifting needed between 2.4, the 2.5 fiasco, and a new 2.6, but as they say, we shall see! Hopefully Netgate rights the ship and gets things back in a healthy direction with 2.6.
 
  • Like
Reactions: Vesalius