pfSense

mushtafa

mushtafa

mushtafa

Soldato
Joined
17 May 2013
Posts
3,033
Location
West Sussex, UK
https://www.pfsense.org/

Many people run this? Is it worth the hassle of setup?

Worth the cost of a small emachines PC running 24/7? https://www.cnet.com/products/emach...tor-celeron-450-2-2-ghz-3-gb-320-gb-lcd-18-5/

I have a pi 2 model B with PiHole.

1. I assume pfsense wont run on the pi2?
2. pfsense and pfBlocker is better/more powerful than PiHole?
I want to block ads network wide and start to filter the network so it's child friendly. The tutorial video I watched for the pfBlocker looked very good. Just by adding the IP of my PC to the firewall rule would allow be full access still.

Thoughts?
 
pfsense is a awesome piece of software, well worth running it on a dedicated box.
 
Two different functions. PiHole blocks adverts by faking DNS entries used by adverts.
pfSense is a router, firewall, dhcp, dns and more. I used it for ease of dropping bandwidth-sapping teenagers off my network :)

I use both, pfSense instead of a consumer router, and PiHole for it's really easy blocking of adverts.
I havent looked at pfblocker for a while though, seem to remember it blocked incoming connections from dodgy countries etc. If it also blocks Ads that can only be a good thing.
 
mushtafa said:
https://www.pfsense.org/

Many people run this? Is it worth the hassle of setup?

Worth the cost of a small emachines PC running 24/7? https://www.cnet.com/products/emach...tor-celeron-450-2-2-ghz-3-gb-320-gb-lcd-18-5/

I have a pi 2 model B with PiHole.

1. I assume pfsense wont run on the pi2?
2. pfsense and pfBlocker is better/more powerful than PiHole?
I want to block ads network wide and start to filter the network so it's child friendly. The tutorial video I watched for the pfBlocker looked very good. Just by adding the IP of my PC to the firewall rule would allow be full access still.

Thoughts?
Click to expand...

I have run it for the past ~2 years, firstly on a HP Microserver, then moved to a Dell R210ii to run it. It's very powerful, it will do pretty much anything you want. I use pfBlocker and it does the job well. It's perhaps not as easy to use as Pihole, but not difficult either. You can use the same DNS lists as Pihole. I run a proxy cache, VLANS, VPN server and VPN client and various other bits on it.

The Celeron 450 in that eMachines PC is no good, as it does not support AES instructions, which one of the next versions of pfSense will require.

And no pfSense wont run on a pi2.

pfSense is fantastic though, it handles everything I can throw at it. You can get some small and low power PC's that will run it nicely. The CPU power required will increase if you use encrypted VPN's at high speed etc.
 
Anorher vote for Pfsense here, though I believe if you intend on doing VPN stuff and are building your own box I think it pays to have a CPU that supports AES.

We'll worth looking at Netgate devices if you want to run it on dedicated hardware, they are quite good value and well developed. Netgate are some of the main contributors to Pfsense these days iirc.
 
Thanks all for the feedback. It looks as so a Microserver can run both pfSense and FreeNAS at the same time. This sounds very appealing.
Perhaps I'll go on the search for the Microserver first - wanted one for a while anyway
 
Some Microservers don't support AES-NI either. Which will work fine for now, but in the long term it wont be supported.
 
If you like companies who have a somewhat dubious history when it comes to slating other projects (the whole OPNWall ‘parody’ site antics for example) and can stomach some of the temper tantrums of said owner on reddit/forums, then pfsense’s product is OK, but it’s not exceptional, just popular. I’d suggest looking at Mono/OPN or if you want a UTM then Sophis XG has come a long way over recent versions, Untangle used to be decent, but i’ve not bothered with them in a good few years now.
 
Very happy pfSense user here and have been for a couple of years now. I too prefer the ease of use of using a PiHole for ad blocking so run that too. As has been mentioned, do ensure your chosen CPU supports AES-NI or else you’ll not be able to upgrade to the next major version, plus if you want to run a VPN on the router with any sort of speed then it’ll need it.
 
You must log in or register to reply here.
Back
Top Bottom