> On Aug 3, 2016, at 9:18 PM, Moshe Katz <mo...@ymkatz.net> wrote: > > Maybe I'm reading too much into points 1 (second paragraph) and 4 of your > message, but it sounds somewhat hostile to the old use-your-own-hardware > selling point that brought me into the pfSense community ten years ago in the > first place.
Moshe, Thanks for your kind words. I appreciate your reaching out. I think that perhaps you are over-reading my response. Use-your-own hardware (if you want) is still a key point of pfSense, and it's not changing, even though I get challenged frequently on same both inside and outside the company. I've literally had people (outside the company) challenge me during the past 24 hours that there is "no barrier to entry" for people entering the market to sell appliances based on pfSense software (typically on Amazon or eBay). This is truth. We carry on anyway. Personally, I think pfSense has gotten a lot better during the past several years as we've been able to bring dedicated professional staff to bear on the process of keeping up to date with our upstream project(s), rather than lagging by several years. All the changes to the toolchain to support this remain open source. Case in point: 2.4 snapshots will begin shortly, based on FreeBSD 11, which is not yet in release candidate form. MPD and captive portal don't work, but these will be fixed before 2.4-release. The captive portal work will serve to decrease our technical debt, due to the elimination of several patches found in pfSense that will never be upstreamed, and are not up to our standards of quality. 2.4 will also bring the ARM architecture to pfSense. We've also moved to bsdinstall, which means that ZFS is an option during install. Moving from PBI to pkg-ng as part of 2.3 enabled this work. This move included a huge improvement in the build tools to be a lot more like those found in FreeBSD. Work in this area continues. Past efforts to improve both FreeBSD and pfSense include bringing AES-GCM to IPsec. Work continues on making the stack faster and better, see our paper, Measurement and Improvement of a software based IPsec implementation to be given at Eurobsdcon next month. https://2016.eurobsdcon.org/speakers/ (this effort is a pre-requisite to making QAT work at speed.) The entire FreeBSD community (including various forks of pfSense) benefits from these efforts, just as the entire pfSense community benefits both from these efforts as well as those of outside collaborators like BBCan117 (pfblockerNG) or Denny Page (dpinger, bringing the NUT package back to 2.3+) or Bill Meeks (Snort and Suricatta) or Phil Davis (space does not allow me to begin to enumerate Phil's contributions) or even Kill Bill/doktornotor. I hesitate mentioning these because I have left many others out, and I do not mean to slight their efforts by not mentioning them. All of it, every single piece, is under a liberal open source license. But it remains true that there would not be a project but for the core developers and core contributors. We preferentially employ FreeBSD committers to work on pfSense. This has always been true. Running the project takes funds. - Donations don't work, and we ask that anyone who wants to donate to pfSense instead donate to the FreeBSD Foundation. - Support does not scale. - Appliance sales do. I am not blocking BYOH, nor have I made any plans to do so. I'm not hostile to it at all, Moshe. This said, people selling appliances based on pfSense *who do not otherwise contribute to pfSense* (or worse, who work against pfSense), are not part of the solution. Applianceshop/Deciso, and every one of their "opnsense" partners still also offer pfSense on the same appliances. None of them contribute to pfSense, all are willing to see it destroyed. I do not endorse or support these companies and individuals. Any number of parties on eBay and Amazon (and elsewhere) sell pfSense appliances, but none of them contribute to pfSense or FreeBSD. I don't block these, though I do insist that they correctly use our trademarks. That said, I do not endorse or support these parties, as they do not participate in the project or upstream, while freely availing themselves of our efforts. Companies as large as VMware, Cisco and Avaya have forks or components of pfSense as part of their product set. None of them contribute to pfSense or FreeBSD. We are approached several times per week by companies large and small, almost always with a one-way deal. In every healthy relationship there is an exchange of value where each party gets something out of the exchange, even if it is relatively small. This can be a deliberate exchange, or it can be embedded in social interaction and conversation. Value may be a perception of benefit, rather than something material. It may or may not be quantifiable and it may be highly valued or of limited value. It may also be unconsciously rather than consciously assessed. A critical aspect of value exchange is that each side is content with what they are getting relative to what they are giving. The underlying principle that makes this work is that of barter, where people have a surfeit of some things (and thus value them less), and exchange them for things they want or need (which they value more). A common social value exchange involves some combination of information, affirming relationship and soothing of troubles. The classic retail and business value exchange is money for goods and services. Open source is no different, there are sill value exchanges that must exist. All sides must be content with the exchange. I look forward to your response. Jim _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
