Bobcares
Client Area
Emergency Support
Latest | pfsense

All We Need to Know About pfSense License Change

by | Oct 26, 2024

pfSense is open-source software under the Apache License 2.0 for community use, while its commercial version, pfSense Plus, offers advanced features and support for enterprise users. Read the article to know the steps to change the pfSense License. As part of our pfSense Support Services, Bobcares provides answers to all of your questions.

Overview
  1. Change pfSense License: From BSD to Apache 2.0
  2. The Change to the Apache 2.0 License
  3. Current Licensing: pfSense CE and pfSense Plus
  4. License Implications for Different Users
  5. Why the License Change?
  6. Changing to pfSense Plus
  7. Conclusion

Change pfSense License: From BSD to Apache 2.0

pfSense is a popular open-source firewall and router platform widely used for both personal and commercial applications. Initially, it was distributed under the BSD (Berkeley Software Distribution) License, a permissive license that gave users the freedom to modify, redistribute, and even use the software in proprietary systems. However, a significant licensing shift occurred in 2017 when the developers transitioned pfSense to the Apache 2.0 License. This change marked a new chapter for pfSense while still maintaining its open-source nature.

pfSense License Change

What Is the BSD License?

The BSD License offers the following features to the users:

  • Modifying the Source Code: Developers can tweak pfSense’s source code to fit their needs.
  • Personal or Commercial Use: There were no restrictions on how the software could be used, whether for personal use at home or within a large enterprise.
  • Redistribution: One of the standout features of the BSD License is the freedom to redistribute the software, even incorporating it into proprietary solutions without releasing the modified source code.

This licensing model provided flexibility for both individual users and commercial organizations. Whether we were a tech enthusiast running pfSense on a home network or an enterprise using it for more complex applications, the BSD License allowed seamless implementation without concern over licensing hurdles.

The Change to the Apache 2.0 License

In 2017, the pfSense team decided to transition from the BSD License to the Apache 2.0 License. The Apache License, while still an open-source license, comes with more specific terms compared to BSD. This change stirred discussions among developers and users, but it did not drastically alter the way most people interacted with pfSense.

The Apache 2.0 License still allows users to modify the software and distribute it freely. Also, users can continue to deploy pfSense in commercial environments without any financial cost. However, the Apache 2.0 License also introduces some notable differences:

  • Modifications must be clearly documented, and credit must be given to the original authors.
  • Apache 2.0 includes explicit patent protection for contributions, meaning contributors grant users the right to use any patents they hold in connection with the software. This provides an additional layer of legal clarity.

Current Licensing: pfSense CE and pfSense Plus

Today, pfSense is available under two different versions: pfSense Community Edition (CE) and pfSense Plus. Both are built on the same core software, but they differ in terms of features and licensing.

pfSense Community Edition (CE)

pfSense CE remains under the Apache 2.0 License. It is fully open-source and can be downloaded and used for free. Users can modify the source code, distribute it, and implement it on any compatible hardware without worrying about licensing fees. This version is ideal for tech-savvy individuals and smaller businesses that don’t require advanced features or commercial support.

pfSense Plus

pfSense Plus is the commercial version offered by Netgate, the company behind pfSense. It includes additional features tailored for business and enterprise environments, such as enhanced hardware support, optimizations, and priority updates. While it shares much of its codebase with pfSense CE, pfSense Plus includes some proprietary components, such as specific drivers and support for certain hardware configurations.

pfSense CE is a fully open-source, distributed under the Apache 2.0 License, and free for anyone to use. While pfSense Plus is a commercial version with proprietary elements, available with Netgate hardware or through a subscription model that provides access to support and updates.

License Implications for Different Users

The licensing shift from BSD to Apache 2.0, and the distinction between pfSense CE and pfSense Plus, impacts users differently depending on their needs.

  • For End Users: Most end users won’t notice any significant changes. We can still download and use pfSense for free, whether for personal or commercial use. The main difference is if we want to modify and redistribute the software—we’ll need to comply with the Apache 2.0 license’s attribution requirements.
  • For Developers: Developers need to pay close attention to the Apache 2.0 License, particularly the clauses around patent protection and attribution. If we modify pfSense and distribute it, we must include a notice of those changes and retain the original copyright information. This ensures transparency and respect for the original developers’ contributions.
  • For Businesses: Businesses can continue to deploy pfSense CE in their environments for free, enjoying the benefits of an open-source firewall and router platform. However, for enterprises that require professional support, enhanced features, or more robust services, pfSense Plus may be a more suitable option. It offers commercial licensing, including access to premium support from Netgate, as well as proprietary elements that might be necessary for more complex network infrastructures.

Why the License Change?

The switch to the Apache 2.0 License was driven by several factors:

  • Growing Needs: As the network infrastructure of pfSense users expanded, there was a need for more robust features and security, which could be better managed under Apache 2.0.
  • Patent Protection: Including patent protection in the license helps safeguard contributions and provides more legal clarity for developers.
  • Commercial Strategy: The creation of pfSense Plus allowed Netgate to offer premium services while still keeping pfSense CE open and free for the community.

Changing to pfSense Plus

If we’re using pfSense CE but the network’s requirements are growing, we may consider transitioning to pfSense Plus. The process typically involves:

  • Evaluating the Needs: Determine which features or support options are essential.
  • Choosing a Subscription Plan: Netgate offers different subscription levels based on the business needs.
  • Purchasing and Activating: Once we’ve selected the right plan, purchase the license and follow the instructions to activate pfSense Plus.

[Searching solution for a different question? We’re happy to help.]

Conclusion

The evolution of pfSense licensing from BSD to Apache 2.0 represents a careful balance between maintaining its open-source roots and adapting to modern network needs. For most users, pfSense CE remains a powerful, free solution, while pfSense Plus offers a premium option for businesses seeking advanced features and support. Whether we’re a home user or an enterprise, pfSense provides flexible options to fit the networking requirements.

Related posts:

  1. Snort on pfsense Rules | About
  2. Remote Access Pfsense WebGui Via SSH Tunnel: How To?
  3. pfSense HAProxy Authentication | Tutorial Note
  4. pfSense Allow web GUI from WAN | Guide

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. Snort on pfsense Rules | About
  2. Remote Access Pfsense WebGui Via SSH Tunnel: How To?
  3. pfSense HAProxy Authentication | Tutorial Note
  4. pfSense Allow web GUI from WAN | Guide

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF