DynFi Firewall : software development

What is the philosophy of our project?

A resolutely Open Source project

The DynFi Firewall project is a 100% Open Source project whose objective is to offer a dynamic and easy to administer firewall system.

DynFi Firewall will become the reference firewall for European companies that choose Open Source.
DynFi Firewall will provide universities with a unique development environment to test and integrate new cybersecurity features into an open source firewall.

Indeed, DynFi Firewall brings for the first time a high degree of liability in the compilation mechanisms of the source code that allows to generate firewall images. Most other distributions make it very difficult, if not secret, to generate images.

The DynFi teams have chosen a very different approach by relying entirely on the development mechanisms from FreeBSD, in particular the powder keg software. We have also taken over the FreeBSD installer in order to revisit the initial steps of installing DynFi Firewall.

The release of our firewall will correspond to the release of FreeBSD version 13.

We have been using the FreeBSD “CURRENT” branch for the duration of our development, which allows us to actively contribute to FreeBSD’s development, while fostering interaction with the developers. Our teams have also contributed to testing the latest network driver for the AMD C-3000 chipset.

What directions for our developments?

We have chosen to have a firewall without an additional packet system, but with a new activation mechanism.
This principle is inspired by that of TrueNAS where the different packages can be activated or deactivated on demand by the user. Our system should be enriched with this type of mechanism in the near future.

We want to enhance the APIs available within DynFi Firewall, especially those used for managing firewall rules.

We will develop new integration mechanisms between the Manager and

m0n0wall - pfSense - OPNsense - DynFi Firewall: the origin of the forks

A good diagram is better than a lot of speeches: here is the illustrated history of the Open Source firewalls derived from FreeBSD.

graph LR; A(m0n0wall) --> |Fork in 2006| B(pfSense) B --> |Fork in 2015| C(OPNsense) C --> |Fork in 2020| D(DynFi Firewall)

The DynFi Firewall project is therefore a fork of the OPNsense project, which in turn is a fork of the pfSense project.
PfSense® was itself originally derived from the m0n0wall project (project stopped in 2015).

If you would like more information on this history, you can refer to our documentation.

DynFi has been a major contributor to the modernization of the pkg package manager and the creation of the pkg-base subproject to modernize the package management architecture in the FreeBSD system.

Discover our firewall product range