 So PF Sense 2.44 has reached release candidate and this is pretty cool because there's a lot of little things being added and it just more progress on the project overall. So I figured I'd run down some of the changes. Nothing's super significant. It's all small incremental changes. But then one of the things we like about firewalls is not to have major updates and changes that could potentially break everything because, you know, these are kind of important pieces of hardware and software that are running and keeping a lot of businesses, you know, traffic routed. So I don't mind that these incremental changes in minor upgrades, you know, that makes my life a lot easier just thinking about that. But I am running it in my lab. I do have it loaded. This is the version 2.44 RC and the exact number of the system is 2.44 R201 809181751. And it seems you're working fine and routing fine. And I did this from my lab as an in-place upgrade. So I went from their standard stable and moved up to the release candidate and it went fine in case you want to do this yourself. I mean, I can't guarantee it's going to go fine for you, but it did go fine for me with the exception of some of the packages. I just had to remove them and put them back in and they started working again. So I haven't really had any major issues. The only packages, of course, I had are the OpenVPN one and the N-Top PNG one. This is the one I had to just delete, put it back in and it started working again and reset it back up. And I've covered N-Top PNG before, so that seemed to work fine. Now let's talk about a few of the things they've changed here. So there's a few little things, auto configurations free, DNS over TLS, which is really cool. It's integrated now rather simply and I'll show you how that looks. So there's the default port kind of grayed out, but you can override if you want to use a different port. There's the certificates that you can put in here, so it's pretty neat. Standard listening on the interfaces, but that's all enabled out of the box now. So all these features are right in there, which is definitely pretty cool. DNS has been one of those things that generally just been accepted because you should be on a trusted network when you're running DNS locally, but adding that extra layer of security is nice, hopefully will help prevent DNS hijacking and some of the other things that could potentially happen. So I do like that it's integrated in there. Now the other big change besides being based on a newer version of BSD and PHP 7.2 and some IPsec changes, but this one here, a limiter AQMQ schedulers. Now once this goes into full release, I may do a video on, because I've been asked a few times about traffic shaping, so I want to update it, but to understand traffic shaping a lot better, I like to refer back over to Mark Ferno. I'm not sure how to say his last name, doesn't matter, I'll leave a link to the video. Mark's video is really good and I've referred to it before. He has a nice, took the time to put together really nice explanations and animations to overall, not just for PFSense, but just how traffic shaping works. And I think it's a good breakdown for a lot of that. And this is also the type of traffic shaping that's being integrated into 244. It is the Codel and I can leave a link to this as well and it helps prevent buffer bloat. It's supposedly a much simpler design and implementation with less tweaking needed to keep the queue very clean and keep the packets in order and reduce buffer bloat. And one of the things you have to think about is just generally if your home user running PFSense or even someone with about a dozen computers, not a big deal. It generally doesn't cause too many issues if you have no traffic shaping. But when you start doing things that are very intensive, and I'll even say things like torrenting or any noisy protocol like that, where there's a ton of packets, that's when you can start having queue problems and you need to start enabling some queuing to make sure everything is in the right order. Now that's different than restricting speed, which I've talked about before, where you can just restrict the speed on certain interfaces and just slow them down and say, okay, this firewall rule only gets this much bandwidth or you create a different network with just a limited amount of bandwidth. And that kind of just solves your general problem of not letting the IoT devices run wild. But when you start at larger scale networks, you need to kind of manage the data pipe and manage all the packets to make sure packets don't get dropped or things don't get too backed up in the system and cause a lot of delays in generating your network. I'll leave links to these in the description. But other than that, there's a few other things. I'm going to do some more testing with it. Captive Portal authentication, Captive Portal HTML design usability. So they updated a few of these things to make them a little better, which is great. That has been a while since I've really used it. We don't have a ton of Captive Portal deployments. They, yeah, I got to admit it. Some people said there's a few other firewalls that have a better implementation. I think it's one of those things that just got kind of put on the back burner because not everyone's running Captive Portal and a lot of people are using. We've seen this too with some of our clients. Third party portals that do complete capture that redirect to other websites and things like that. We're doing that with some of the fast food chains that we have. They have their own system they put in for where the Captive Portal lands through their own authentication system. So it's not always handled by the firewall directly. So it's nice to see that they're going to update this. But I'm going to do some more testing with it. And like I said, I didn't have any problems loading it. Overall, it's not a groundbreaking change in terms of interface. It was able to bring up all my services with the exception of Entop, which is delete and reload and worked fine. I believe there's some note in the rata that I probably skipped in here. It says, hey, you're supposed to remove some of the packages before you do it to fix those issues, but not a big deal that does happen. But like I said, the highlights are really the DNS over TLS, the routing and gateways. They had some enhancements to do the extend maximum gateway probe interval. It's all like little incremental stuff. But like I said, for firewalls, we want these things to be generally not overly changed for each new version that comes out because, well, hey, new is fun when you're doing a lot of testing, but when you're deploying for stability for clients who hopefully seamlessly these updates go through and the client doesn't call you going, hey, everything broke. And then you have a lot of things to trust, things to troubleshoot. It can be fun, but you don't want that. But so far it's been working. I've been doing some testing with it. Once it comes out, I'll do like probably an updated in-depth video on PF Sense walking through all the new features and of course just walking through PF Sense again because I didn't do one for last year. I've been waiting for this whole version upgrade before I do another singular in-depth video with PF Sense. But my other ones are still relevant and still valid because the changes are not dramatic and the interface still looks much the same since they gave it the facelift. So I'm looking forward to the updates and I'm going to do some testing and report any bugs if I find them. Thanks. Thanks for watching. I'll see you in the next video. Thanks for watching and I'll see you in the next video.