|
管理员
 
|
1#
大 中
小 发表于 2006/10/4 17:18 只看该作者
pfSense Features
http://www.pfsense.com/
pfSense changes implemented (subject to change daily):
- FreeBSD 6.1 - CURRENT with ALTQ
- Wireless a/b/g wpa_supplicant, turbo and _MUCH_ more
- Incoming load balancing pools
- PPPoE Server
- Themes
- Newsystem->afterfilterchangeshellcmd xml tag which is executed on thesystem after each filter change (or other networking related changes)
- All of the GREAT m0n0wall features, some improved
- setup wizard using xml -> web gui toolkit
- package xml -> web gui toolkit. RAPIDLY create packages and GUI's
- rebootless changes of settings
- multiple WAN Support
- outgoing load balancing pool
- pf (openbsd's packet filter)
- CARP - for failover and clustersyncing (rules, trafficshaper, nat, IPSEC SAs...)
- failovercapable DHCP-Server with advanced settings (specify gateway, DNS, WINS)
- advancedsupport for wireless devices (including WEP, WPA, HostAP-mode,hardware-encryption if supported by driver, mac-filtering, hide SSID,...) with by freeBSD6 supported wirless devices (atheros recommendedfor full functionality)
- Systemstatus with realtimegraphs including SWAP usage monitor
- ALTQ traffic shaping with integrated magic shaper wizard
- Queuegraphs for Trafficshaper
- Edit file option
- Execute command now in menu
- SSH Support
- Console support on COM1
- FTP-Proxy
- enhanced ALIAS-system
- enhanced configuration-system featuring a configuration history and partial config down-/uploads
- a lot of small "helpers" that make admins life easier
- Packages!
- ifdepd - building interface-dependencies
- ifstated - connection-checking
- pfflowd - converting PF-status-massages to Cisco NetFlow-Datagrams
- PFStat - Graphing
- NTOP - Enhanced network history data
- STunnel - wrap standard ports with SSL
- Pure-FTPD - Host FTP files
- Squid Transparent Proxy
- arpwatch - watch ethernet/ip-adress-pairings
- assp - Anti-Spam-Proxy
- doorman - portknocking to temporarily open ports
- freeradius - Radiusserver
- mtr - enhanced traceroute
- nmap - networkscanner for security auditing
- siproxd - proxy/masquerading for SIP-protocol
- spamd - fake SMTP-Server as Spam-Tarpit
- iperf - bandwidth-measuring
- netio - bandwidth-measuring
(some of the linked screenshots are not up to date as this is work in progress)
m0n0wall base features
- web interface (supports SSL)
- serial console interface for recovery
- set LAN IP address
- reset password
- restore factory defaults
- reboot system
- wireless support (access point with PRISM-II/2.5/3 cards, BSS/IBSS with other cards including Cisco)
- captive portal
- 802.1Q VLAN support
- stateful packet filtering
- block/pass rules
- logging
- NAT/PAT (including 1:1)
- DHCP client, PPPoE, PPTP and Telstra BigPond Cable support on the WAN interface
- IPsec VPN tunnels (IKE; with support for hardware crypto cards and mobile clients)
- PPTP VPN (with RADIUS server support)
- static routes
- DHCP server
- caching DNS forwarder
- DynDNS client
- SNMP agent
- traffic shaper
- SVG-based traffic grapher
- firmware upgrade through the web browser
- Wake on LAN client
- configuration backup/restore
- host/network aliases
|
