Thanks Tom for another great video. If it wasn’t for you I wouldn’t even be running pfsense. I watched your videos in 2018 and took the plunge switching over from dd-wrt. I built my own fanless low power consumption box on an ITX board in 2018 for about $200 US and never looked back. You vids with the basic setup and firewall rules were priceless. As far as the CE vs plus I think I’ll stay the course for now with CE.Thanks for doing these videos
Moderators on Reddit be deleting less than favorable comments on the most recent EULA.. Also locking down any discussion related to Netgate licensing. Not sure what that is about.
To be fair, the mods have been adding to the flames instead of addressing the concerns, so it's hard to say its misinformation if Netgate refuses to clarify anything
Wow, you literally answered every question I had when I saw the free Home & Lab edition of plus became available with an in place upgrade path in 2.6. Great video. Thanks!
Great coverage of the product features, Tom. It would have been beneficial to the community to at least mention some of the controversy regarding remote access, even if you don't necessarily think it is a valid concern.
I find these licensing comments funny. You to me are the biggest skeptic when it comes to whether or not an open source software can be trusted. If it's good enough for you, it's good enough for me. Most of the commentators must not know how much you talked about this over the years. On another note, really nice lighting & sound and very pleasant new setup/editing overall. My 1st time seeing the new studio. Thanks for all you do.
Keep up the good work Tom. Another nice video. I don't have any problems if you get any benefits out of your work, like some people here. Congrats on your new studio. Just upgraded my pfsense HA to 2.6.0 version (running on proxmox cluster), forgot to switch my CARP on primary to maintenance mode (like netgate docs suggest), and still upgrade went smoothly, without any problems. Will upgrade to plus later on. I can always go back to CE version if won't like it. It would be great if you would make a video on running FRR on pfSense with different BGP scenarios. I'm runnig Bird BGP on my routers and thinking about switching to FRR on pfSense, so your video on this subject would be very helpfull not only for me, but for many small ISP operators as well.
Tom, I’m really glad you made a video on the subject. Security folks are pessimistic by nature - we need to be, so don’t let the comments get you too bad. But the conspiracy theories - those are hard to deal with. People are going to believe what they want anyway. One thing that could be covered more is the difference in update cycles between the two and if CE is considered a fast branch of Plus. That’s actually something that’s useful to know, especially for us Open Source developers and such.
Hi Tom. To me you make it sound like there's no real reason to stay with the CE because pfSense Plus just offers some extra features and you can get it for free as a home user. But there are concerns about the evaluation agreement of pfSense Plus I wish you would have stated in this video because (I bet) many people are interested in this. For example the evaluation agreement states stuff like "Software provided by Netgate may contain tracking and/or disabling features" and "Evaluator shall not relocate Products without the prior written consent of Netgate" which to me is the reason NOT to go with pfSense Plus because I'm somebody who is a bit more privacy oriented. I'm sure I'm not the only one who values privacy a bit more.
The licence is vague and needs clarification but I don't waste my time speculating and coming up with theories that seem implausible such as Netgate putting in a back door.
I’m old enough to remember the Netscape Navigator scandal. Never assume a company will always act in your best interest no matter how good their product is.
@@rjy8960 There is wording in the evaluation license terms for pfSense Plus where it says that you must provide Netgate remote access to your firewall if they request it. Some people are bugging out about that, but I don't think Netgate is going to go around requesting access to everyone's firewall just for the heck of it. Personally, If I have a weird bug that they want to look at I would accommodate them. Even on CE I would do this. I don't think they are asking for blind 24/7 remote access or anything like that.
Great! I've dealt with netgate support 4 times (messing up 3 different netgate fw models in lab) and they provided support and instructions super fast.. tech lite is still waaay better than most paid supports i have dealt with. also Tom, can you do a vid on pfsense + zenarmor ? I've tried a few times, couldnt get it to working and there isnt much discussion about it on forums either.
I love your videos. Despite the other comments I like you don’t engage in clickbait, “pfsense changes you are going to hate.” Probably not going to get plus, but glad I can if I want.
It looks good on the surface. After reading the evaluation agreement you need to agree to in order to convert, I have concerns. I cannot see what the difference between home and lab is. Also, what is the evaluation period. I did not see it anywhere. I do not like that the agreement also has text that, to my admittedly lacking legal knowledge, has text stating that I must give remote access to netgate upon request. There are some other concerning bits in there. They can end the agreement at anytime and immediately charge me a year license agreement. I would perhaps not mind so much if they were a little more transparent about the direction they are going and intentions 2 or 3 years out.
Thanks Tom, great video. I’m just curious as it didn’t appear to be clear in the video. Development for CE and Plus I’m assuming will run along side each other. But ultimately is it the plan to phase out CE and have Plus as the main OS? Just thinking about the future here, would it be better to adopt plus now and become familiar with it as changes start to happen, or there will always be a CE edition that will only differ in some “enterprise” features. Keen to install Plus
I'm still pissed that I bought Netgate hardware (3100) because it was a great way to contribute cash to a strong supporter of Open Source. Now I can't upgrade to anything but a proprietary fork. Yay. :(
part of what you say about Plus and CE being the same is contradicted by negate themselves. Netgate themselves has said they are going to ber putting their dev efforts more towards plus than CE. It was in their own announcement of plus.
$799 is a drop in a bucket compare to most other annual costs. sonicwall is still charging money per VPN user and for sit to site connections. and the craziest part is that people still buy them.
Tom I love the idea of open source and pfsense their firewalls are awesome I have a couple that I manage. But for large offices with lots of users I can’t get past that there’s not built in category blocking for websites and also app control with lists of different apps to block. It’s why I use Sophos firewalls most the time. Am I thinking about it wrong? I know you can block with lists in pfsense but it seems like it’s harder to manage. Thanks
Its a TAC support feature, so it isn't surprising that the remote access clause would exist somewhere in an agreement. The real question if you are concerned with that, is how is it implemented? Our support with Fortigate allows their technichians to remote access when we have a trouble ticket. They also get specific information on our system like update status which we can see on our support portal. These features are great to have in a business product.
@@MrNagant007 There would be no problem at all if it was mentioned in context of support. But as it is worded now, Product is every piece of Netgate IP including software and hardware, and we as home/lab users are clearly a beta-testers who consent to providing remote access at any time for any vague reason remotely close to evaluating performance of the Product.
@@LAWRENCESYSTEMS you could say that if you were their lawyer, but in reality this documents defines their rights and freedoms as well as user's obligations to them, all in writing. Is there any place where user rights are stated in writing? Ofc no, which creates a lot of grey area and I believe they should clear things up in their license and not mix contexts of evaluation, support and non-commercial use of their software all in one pile. Most of home/lab users won't have support and it makes no sense for them to give consent for required 3rd party actions. This clause only makes sense it terms of metrics collection keeping in mind target userbase of "evaluation" license. And this is not very welcome as well in the context of firewall software as a network security egde-device. If they require metrics data, then it should be in a separate agreement, same for support agreement. Right now I see it as: "from now on, you may continue using our software, but it's not really a project anymore, but rather a solid product and we own everything about it, even the networks it serves for free."
@@Mr.Leeroy No, I did not wright that as if I was a lawyer. To me "subject to the Evaluator’s security regulations" seems fairly clear but this is also why I don't bother making a video debating about the licence on UA-cam because the moment you say any part is clearly written people will tell you it is not and just turns into a debate like this one. If I am using pfsense+ I am fairly certain that I become the "Evaluator" and Netgate's ability to access my equipment is based on "the Evaluator’s security regulations". Also, if you have used their TAC support your would know they have to have you configure remote access for them to get in by manually opening ports, not through some hidden backdoor.
This is my concern with Plus down the road: Since Plus is based on FE and FE only sold with Netgate hardware, I think it would be difficult for Netgate to continue to support 3rd party hardware with Plus from users migrating from CE to Plus Home. Therefore, I fear that after migrating to Plus Home, support for those 3rd party hardwares will be phased out and Plus Home users will be required to purchase Netgate hardware. And at that point Plus will have diverged so much from CE that going back will mean a Fresh install with No backup migrations available. It just not make business sense to add 3rd party hardware support to Plus Home (Free) Users. Either that, or Netgate will start charging Home users a license fee.
Not really a concern because the hardware / driver drive support comes from the FreeBSD code base they share, not as part of packages that are added on.
I thought the video was good, but I would like to see a demo of the things that plus adds. I know you listed them, but I am not really sure what they are and you didn't say or show why you would want them. I have watched a number of videos showing how easy it is to upgrade to plus. The other thing I can't find is what does non-commercial really mean? If I work from home and work for a company is that non-commercial if the firewall really has nothing to do with the company other than traffic is running through it? Thank you for your videos.
Maybe, but they are not particularly complex tools. The OpenVPN import simply imports OpenVPN config files and the IPSec Export tools do what their name implies. And the best I can tell from the documentation is that QAT only helps IPSec (unless I am misunderstanding it) docs.netgate.com/pfsense/en/latest/hardware/cryptographic-accelerators.html
I have to wonder if pfSense plus home and lab is going end up being like TNSR where your don't get updates with out reinstalling as it lists updates as a specific feature of tac lite, pro, and ent.
How about running pfSense on Protectli hardware but separated from the hardware with ESXi for additional security and reliability? CE or Plus? Images are easier to manage.
That is more complexity but not more security. pfsense can be virtualized, I run most of my demos using pfsense inside of XCP-NG. I don't use ESXI, but it is supported in pfsense.
@TomLawrenceTech This is the second time I have heard you mention a dashboard to manage multiple pfsense instances. Where did you see that they are working on this?
@@LAWRENCESYSTEMS oh.... Sorry.... I just went back and watched the section where you talked about it. Maybe I should start actually watch your videos instead of just listening to them.
Reverted back to 2.5.2 becase 2.6 (CE & Plus) both broke my upload (was getting only 0.2mbps instead of 250mbps) and that broke my Plex. No upgrade for now :D
As per usual thank you for the breakdown. On another note! I am by no means an expert, but it is downright comical how commentors on Redditt have lost their collective minds. The difference between the CE version as compared to the Plus (that requires an agreement to use it for "evaluation" "while it is free") is pretty obvious.
How do you route between multiple subnets on pfsense , so I can have a server on one subnet ethernet port and have my laptop on another subnet ethernet port and be able to access the server through my laptop ? I created all the firewall rules to, But I can't access my server through my PC
Does pfSense Plus also include hardware-related features that the CE version does not have? Such as: - Support for ARM CPUs (can you install this version on an ARM-based computer that is not a Netgate appliance?) - Seamless BIOS update for Netgate appliances? - Support for Marvell switch configuration
@@AG-no8zq I never said he doesn't. He is awesome. Like I find all the stuff he cover so interesting but I don't like the way the videos are stretched out adding stuff that doesn't really relate. And I know creators have to make money and he definitely deserves but it kills my energy.
Thanks Tom for another great video. If it wasn’t for you I wouldn’t even be running pfsense. I watched your videos in 2018 and took the plunge switching over from dd-wrt. I built my own fanless low power consumption box on an ITX board in 2018 for about $200 US and never looked back. You vids with the basic setup and firewall rules were priceless. As far as the CE vs plus I think I’ll stay the course for now with CE.Thanks for doing these videos
Moderators on Reddit be deleting less than favorable comments on the most recent EULA.. Also locking down any discussion related to Netgate licensing. Not sure what that is about.
I haven't seen comments deleted but I've seen threads locked because the speculation on the threads are spreading misinformation like wildfire.
To be fair, the mods have been adding to the flames instead of addressing the concerns, so it's hard to say its misinformation if Netgate refuses to clarify anything
Wow, you literally answered every question I had when I saw the free Home & Lab edition of plus became available with an in place upgrade path in 2.6. Great video. Thanks!
Great coverage of the product features, Tom. It would have been beneficial to the community to at least mention some of the controversy regarding remote access, even if you don't necessarily think it is a valid concern.
I find these licensing comments funny. You to me are the biggest skeptic when it comes to whether or not an open source software can be trusted. If it's good enough for you, it's good enough for me. Most of the commentators must not know how much you talked about this over the years.
On another note, really nice lighting & sound and very pleasant new setup/editing overall. My 1st time seeing the new studio. Thanks for all you do.
Keep up the good work Tom. Another nice video. I don't have any problems if you get any benefits out of your work, like some people here. Congrats on your new studio. Just upgraded my pfsense HA to 2.6.0 version (running on proxmox cluster), forgot to switch my CARP on primary to maintenance mode (like netgate docs suggest), and still upgrade went smoothly, without any problems. Will upgrade to plus later on. I can always go back to CE version if won't like it. It would be great if you would make a video on running FRR on pfSense with different BGP scenarios. I'm runnig Bird BGP on my routers and thinking about switching to FRR on pfSense, so your video on this subject would be very helpfull not only for me, but for many small ISP operators as well.
just get opnsense at this point
Tom, I’m really glad you made a video on the subject. Security folks are pessimistic by nature - we need to be, so don’t let the comments get you too bad. But the conspiracy theories - those are hard to deal with. People are going to believe what they want anyway. One thing that could be covered more is the difference in update cycles between the two and if CE is considered a fast branch of Plus. That’s actually something that’s useful to know, especially for us Open Source developers and such.
Well said
Hi Tom. To me you make it sound like there's no real reason to stay with the CE because pfSense Plus just offers some extra features and you can get it for free as a home user. But there are concerns about the evaluation agreement of pfSense Plus I wish you would have stated in this video because (I bet) many people are interested in this. For example the evaluation agreement states stuff like "Software provided by Netgate may contain tracking and/or disabling features" and "Evaluator shall not relocate Products without the prior written consent of Netgate" which to me is the reason NOT to go with pfSense Plus because I'm somebody who is a bit more privacy oriented. I'm sure I'm not the only one who values privacy a bit more.
The licence is vague and needs clarification but I don't waste my time speculating and coming up with theories that seem implausible such as Netgate putting in a back door.
I’m old enough to remember the Netscape Navigator scandal. Never assume a company will always act in your best interest no matter how good their product is.
If you save ur current config xml you could always go back couldn't you? Just do a new install of ce and load the saved configs
@@christopherjackson2157 yup, and I covered that in my video.
Thanks!
I think it's time to move to OPNsense.
I was waiting for that. Thanks ❤
Yup me too I found the description from pfsense confusing
I appreciate the quick info. Nice studio!
What about Netgate having the option to have remote access to your firewall? This is being reported on Reddit.
So you can no longer use VPN to connect to your main network and access your Pfsense firewall now?
Only if you allow access to your firewall.
@@rjy8960 There is wording in the evaluation license terms for pfSense Plus where it says that you must provide Netgate remote access to your firewall if they request it. Some people are bugging out about that, but I don't think Netgate is going to go around requesting access to everyone's firewall just for the heck of it. Personally, If I have a weird bug that they want to look at I would accommodate them. Even on CE I would do this. I don't think they are asking for blind 24/7 remote access or anything like that.
It's pretty common on commercial firewalls to generate a token or "allow remote access for support". It should be a user setting to allow it.
The PFsense Plus free license evaluation agreement ??
Great! I've dealt with netgate support 4 times (messing up 3 different netgate fw models in lab) and they provided support and instructions super fast.. tech lite is still waaay better than most paid supports i have dealt with. also Tom, can you do a vid on pfsense + zenarmor ? I've tried a few times, couldnt get it to working and there isnt much discussion about it on forums either.
I love your videos. Despite the other comments I like you don’t engage in clickbait, “pfsense changes you are going to hate.” Probably not going to get plus, but glad I can if I want.
Thanks, but I like that video title idea 🤣
It looks good on the surface. After reading the evaluation agreement you need to agree to in order to convert, I have concerns. I cannot see what the difference between home and lab is. Also, what is the evaluation period. I did not see it anywhere. I do not like that the agreement also has text that, to my admittedly lacking legal knowledge, has text stating that I must give remote access to netgate upon request. There are some other concerning bits in there. They can end the agreement at anytime and immediately charge me a year license agreement.
I would perhaps not mind so much if they were a little more transparent about the direction they are going and intentions 2 or 3 years out.
Yes interesting he didnt mention this on the video
Thanks Tom, great video. I’m just curious as it didn’t appear to be clear in the video. Development for CE and Plus I’m assuming will run along side each other. But ultimately is it the plan to phase out CE and have Plus as the main OS? Just thinking about the future here, would it be better to adopt plus now and become familiar with it as changes start to happen, or there will always be a CE edition that will only differ in some “enterprise” features. Keen to install Plus
I'm still pissed that I bought Netgate hardware (3100) because it was a great way to contribute cash to a strong supporter of Open Source. Now I can't upgrade to anything but a proprietary fork. Yay. :(
part of what you say about Plus and CE being the same is contradicted by negate themselves. Netgate themselves has said they are going to ber putting their dev efforts more towards plus than CE. It was in their own announcement of plus.
$799 is a drop in a bucket compare to most other annual costs. sonicwall is still charging money per VPN user and for sit to site connections. and the craziest part is that people still buy them.
I did it and hopefully I didn't make a mistake (free upgrade from CE to Plus), meaning I hope they don't start charging. 🙂
Tom I love the idea of open source and pfsense their firewalls are awesome I have a couple that I manage. But for large offices with lots of users I can’t get past that there’s not built in category blocking for websites and also app control with lists of different apps to block. It’s why I use Sophos firewalls most the time. Am I thinking about it wrong? I know you can block with lists in pfsense but it seems like it’s harder to manage. Thanks
We do that via end point management agents on the system, not via pfsense.
@@LAWRENCESYSTEMS great point thanks. 👍🏼
Almost May 2023. Still no 2.7.0 community edition. Calling it now. It's dead, Jim.
pfSense is smart. home/lab will allow admins/people to learn pfSense if they want to. No expensive hardware required.
Thanks Tom. I tried to find this information online with no luck. Certainly seems to have been hidden well!
What about Plus Home/Lab edition enforcing new Evaluation License (which is too permissive in favor of Netgate up to the point of remote access)?
Its a TAC support feature, so it isn't surprising that the remote access clause would exist somewhere in an agreement. The real question if you are concerned with that, is how is it implemented? Our support with Fortigate allows their technichians to remote access when we have a trouble ticket. They also get specific information on our system like update status which we can see on our support portal. These features are great to have in a business product.
@@MrNagant007 There would be no problem at all if it was mentioned in context of support. But as it is worded now, Product is every piece of Netgate IP including software and hardware, and we as home/lab users are clearly a beta-testers who consent to providing remote access at any time for any vague reason remotely close to evaluating performance of the Product.
The part that says "subject to the Evaluator’s security regulations" means you decide if you want them to access the system
@@LAWRENCESYSTEMS you could say that if you were their lawyer, but in reality this documents defines their rights and freedoms as well as user's obligations to them, all in writing. Is there any place where user rights are stated in writing? Ofc no, which creates a lot of grey area and I believe they should clear things up in their license and not mix contexts of evaluation, support and non-commercial use of their software all in one pile. Most of home/lab users won't have support and it makes no sense for them to give consent for required 3rd party actions.
This clause only makes sense it terms of metrics collection keeping in mind target userbase of "evaluation" license. And this is not very welcome as well in the context of firewall software as a network security egde-device. If they require metrics data, then it should be in a separate agreement, same for support agreement.
Right now I see it as: "from now on, you may continue using our software, but it's not really a project anymore, but rather a solid product and we own everything about it, even the networks it serves for free."
@@Mr.Leeroy No, I did not wright that as if I was a lawyer. To me "subject to the Evaluator’s security regulations" seems fairly clear but this is also why I don't bother making a video debating about the licence on UA-cam because the moment you say any part is clearly written people will tell you it is not and just turns into a debate like this one. If I am using pfsense+ I am fairly certain that I become the "Evaluator" and Netgate's ability to access my equipment is based on "the Evaluator’s security regulations". Also, if you have used their TAC support your would know they have to have you configure remote access for them to get in by manually opening ports, not through some hidden backdoor.
Haha using 2.7 now great call on that!
I would like to point out that the Plus Home version is lumped under the "Evaluation License" which is valid for only 1 year. After that?
This is my concern with Plus down the road: Since Plus is based on FE and FE only sold with Netgate hardware, I think it would be difficult for Netgate to continue to support 3rd party hardware with Plus from users migrating from CE to Plus Home. Therefore, I fear that after migrating to Plus Home, support for those 3rd party hardwares will be phased out and Plus Home users will be required to purchase Netgate hardware. And at that point Plus will have diverged so much from CE that going back will mean a Fresh install with No backup migrations available. It just not make business sense to add 3rd party hardware support to Plus Home (Free) Users. Either that, or Netgate will start charging Home users a license fee.
Not really a concern because the hardware / driver drive support comes from the FreeBSD code base they share, not as part of packages that are added on.
That shirt is awesome. What do you think of the Netgate 6100?
I thought the video was good, but I would like to see a demo of the things that plus adds. I know you listed them, but I am not really sure what they are and you didn't say or show why you would want them. I have watched a number of videos showing how easy it is to upgrade to plus. The other thing I can't find is what does non-commercial really mean? If I work from home and work for a company is that non-commercial if the firewall really has nothing to do with the company other than traffic is running through it? Thank you for your videos.
Maybe, but they are not particularly complex tools. The OpenVPN import simply imports OpenVPN config files and the IPSec Export tools do what their name implies. And the best I can tell from the documentation is that QAT only helps IPSec (unless I am misunderstanding it) docs.netgate.com/pfsense/en/latest/hardware/cryptographic-accelerators.html
I have to wonder if pfSense plus home and lab is going end up being like TNSR where your don't get updates with out reinstalling as it lists updates as a specific feature of tac lite, pro, and ent.
Thanks Tom for this video!
So there is no separate binary available for plus (eg you have to install CE then in-place upgrade)?
How about running pfSense on Protectli hardware but separated from the hardware with ESXi for additional security and reliability? CE or Plus? Images are easier to manage.
That is more complexity but not more security. pfsense can be virtualized, I run most of my demos using pfsense inside of XCP-NG. I don't use ESXI, but it is supported in pfsense.
Great video - can you do an up-dated Suricata - PfgBlocker install and config?
I don't think anything has changed since my last videos on those topics
@@LAWRENCESYSTEMS OK thanks.
Do plus and ce pull packages from same repo?
@TomLawrenceTech This is the second time I have heard you mention a dashboard to manage multiple pfsense instances. Where did you see that they are working on this?
In the pfsense plus announcement from Jan 2021 and I pulled it on on the screen and highlighted it in the video.
@@LAWRENCESYSTEMS thanks, all I could find is a mention on redit.
@@LAWRENCESYSTEMS oh.... Sorry.... I just went back and watched the section where you talked about it. Maybe I should start actually watch your videos instead of just listening to them.
Reverted back to 2.5.2 becase 2.6 (CE & Plus) both broke my upload (was getting only 0.2mbps instead of 250mbps) and that broke my Plex. No upgrade for now :D
I appreciate this video
I'm keen for some logs / graphs in some kind of home/lab paid extra
As per usual thank you for the breakdown. On another note! I am by no means an expert, but it is downright comical how commentors on Redditt have lost their collective minds. The difference between the CE version as compared to the Plus (that requires an agreement to use it for "evaluation" "while it is free") is pretty obvious.
Its free now this is a disturbing change.
Been wondering what the real difference was... And given no product available I'm glad we can add support and plus now.
Just need that dashboard!
Support has been a thing for a long time.
Thanks for that video.
How do you route between multiple subnets on pfsense , so I can have a server on one subnet ethernet port and have my laptop on another subnet ethernet port and be able to access the server through my laptop ? I created all the firewall rules to, But I can't access my server through my PC
Via the firewall rules ua-cam.com/video/bjr0rm93uVA/v-deo.html
Does pfSense Plus also include hardware-related features that the CE version does not have? Such as:
- Support for ARM CPUs (can you install this version on an ARM-based computer that is not a Netgate appliance?)
- Seamless BIOS update for Netgate appliances?
- Support for Marvell switch configuration
Technically it does, but only for Netgate devices which is why I did not list them.
Tom looks different. Not sure exactly why.
I'm from the future, and 2.6 was the end.
Must be a different timeline because pfsense 2.7 CE has been released.
Just sell support and stop with this nonsense.
Also sense. Not sence.
😀 fixed
The amount of editing you did made me nauseous
The moving screen shots?
@@LAWRENCESYSTEMS wtf, I made that comment on the video I watched before yours, guess I took too long to post it, UA-cam needs to fix that
First
Tom, I like your videos but they are boring AF (no offense).
Not everyone likes "Pants on Fire" videos, especially for technical subjects.
Imo Tom does a really good job with his videos. If you're interested in the topics he covers it's not boring.
I'm glad you like my boring videos
@@AG-no8zq I never said he doesn't. He is awesome. Like I find all the stuff he cover so interesting but I don't like the way the videos are stretched out adding stuff that doesn't really relate. And I know creators have to make money and he definitely deserves but it kills my energy.
@@LAWRENCESYSTEMS I definitely do. Thanks for what you are doing for the community.