OPNsense Forum

English Forums => Development and Code Review => Topic started by: thowe on September 23, 2017, 04:53:16 pm

Title: About the testing of OPNsense
Post by: thowe on September 23, 2017, 04:53:16 pm
Hello everybody,

first of all: many thanks to all of you contributing to OPNsense. I am impressed how clean and logical everything is presented. Really a great UI and functionality!

I am currently evaluating a firewall for my home installation. The most important things for a firewall to me are: 1. security and 2. reliabilty.

I am software engineer and like build and test automation a lot. One thing I asked myself is: how are releases of OPNsense built and tested? I could not find anything about the testing process. Is there some kind of an automated build and testing process? Maybe someone can give some insights.

Thanks & kind regards,
Title: Re: About the testing of OPNsense
Post by: franco on September 23, 2017, 05:47:13 pm
Hi Tom,

Packages are built on a nightly basis, see


Into that script we also weave the test suite, which is a conglomerate of sanity checks, integrity checks, syntax checks and unit tests:


You can find the unit test framework here:


New features and reworks are staged on the development (master) branch and we create new stable branches (e.g. stable/17.7) for each major release from said master branch (twice a year). During the minor releases we cherry-pick changes after they have been buffered in the master branch for at least a week unless the fixes are more critical or receive direct field testing.

To improve testing of patches, packages and releases we also wrote a few tools that make reverts possible or pull code from github directly, install custom kernels, etc. There is also a crash reporter to submit PHP errors and kernel crashes directly to us, or leave a note and contact data in case a hard to find issue is at hand.


The tests aren't perfect and can certainly be enhanced into many directions. But it will also keep contributions from being merged or new features being developed. It's a trade off we try to manage.

If you want to know more please let me know. :)