Plain FreeBSD vs PfSense

I‘ve been using a FreeBSD box as my dedicated firewall for some years now and its time to upgrade.
Since the PfSense series on the channel, I‘ve been wondering if there is something that PfSense offers, besides a convenient WebUI that FreeBSD doesn’t?

Are there any FreeBSD users in the community, which prefers PfSense as a firewall over FreeBSD, and what are your reasons?

Well, I am sure you could build your own firewall thing based on plain FreeBSD but ... why?
PFsense exists, it works, it is convenient ... why not use it?

1 Like

DIY or grab one that's preconfigured. PfSense provides the UI like you said and also a custom repo which provides some nifty tools.

There's no secret sauce in pfSense, all the heavy lifting is done by FreeBSD, the differentiator is just the web app used to manage the system (lighttpd+php) as well as a configuration management system.

Comparing the two is similar to comparing e.g. VyOS and Debian on the Linux side of things.

1 Like

just the webui and a few precompiled ports in it's own repo. if you're comfortable with freebsd there's no reason to switch.

There might be some under-the-hood optimizations that make pfsense better suited to be used as a firewall.

If it exists, and for free, why not?

If there's any pfSense specific optimization in there it's got to be a recent development. When I benchmarked both a while back they performed exactly the same.

(Performance used to suck in both cases equally for me)

You have to manually dial either one in for your use-case. That's kinda the point. Luckily that's easy as long as you read the doc and you're not trying to use a raspberry pi as a firewall.

1 Like