Category Archives: PFSense

FreeBSD: jails, ezjail, pfSense

During the last couple of days I am intensively using ezjail to administer several jails on my machines. They are currently IPv6 only (internet-facing) and are used to build pfsense images to test locally (still setting this up, need to cross compile to i386 from amd64), offer a testjail to a collegue to work together on a Opsview implementation on FreeBSD, whether or not we are going to succeed in that, and I just installed a test environment for my webservices. They are all contained in their own little box, having IPv4 connectivity outgoing through NAT, and native IPv6 connectivity from my “Vendor” on an extra subnet that I obtained.

I like this, so I am probably going to setup some more services here and there to perform some magic for me that might need external access. I will also tie them together with LDAP and the like so that it’s an uniform base. At the moment I do not have additional ideas about moving production services towards jails as well though.

Thanks to FreeBSD this all is damned easy. You should try it, or poke me in case you want to know more! :)

Playing around with PFSense

In the last period I became rather familiar with the PFSense project. I decided to migrate some of my firewalling devices to PFSense, first starting at 1.2.3-RELEASE, and finally I upgraded them to 2.0-BETA1. Doing the latter thing is possible since the locations only use the internet from the LAN, and have some minor settings applied locally. Playing around makes it much easier because of that.

Currently I am checking the GRE and GIF interfaces, I am using them to create an OSPF network, and there are some oddities in them :-)

So perhaps I can see why the oddities are there and if needed correct them (or myself when I am misbehaving :) )

You should test PFSense, it runs FreeBSD 8, and is awesome !