OPNsense Forum

English Forums => General Discussion => Topic started by: phoenix on November 24, 2017, 02:48:05 pm

Title: How pathetic!!
Post by: phoenix on November 24, 2017, 02:48:05 pm
I really couldn't believe this when I read it: https://forum.opnsense.org/index.php?topic=6466.msg27740

I knew the were a bunch of arrogant !!!!!!! (put you own comment in there) but I didn't think they'd be that desperate. You guys must be doing something right, keep up the good work. :)

I, for one, am pleased I installed OPNsense and hang around these much more friendly forums and I congratulate the team for a great product and great support.
Title: Re: How pathetic!!
Post by: chemlud on November 24, 2017, 02:52:42 pm
First time I think positive on "intellectual property rights".

I don't use paypal or the like, how to transfer some money in support of OPNsense? Reply by PM...
Title: Re: How pathetic!!
Post by: hutiucip on November 27, 2017, 09:35:34 am
I now remember a saying:

If nobody gossip about you, if nobody talks badly about you, if nobody hates you, and if nobody tries to put you down, it means you're doing something wrong!

There is no good work passing unobserved forever, keep up this good work, and sh** like this will be only bad advertising with positive effects. I'm sure about that.

Again, keep up the good work, guys!!! (!)

PS Personally, I don't even know how I could live without OPNsense until now, I'm very glad that I discovered it (word-of-mouth, BTW, so... You get it!...  ;)) and I barely wait for my OPNsense box from Deciso, and to be able to budget an even small monthly donation for the project - OPNsense box + donation expected in Jan or Feb 2018.
Title: Re: How pathetic!!
Post by: Wayne Train on November 27, 2017, 11:15:56 am
Wow...

I always tried to pay no attention to this mud fight, and ignore PFs bashing, since for me it seemed like something similar like the eternal "eamcs vs. vi" discussion. But now PF has gone too far and I'm happy having switched over to OPN. Their behaviour ist completely against my beliefs, that open source projects should stick together and inspire each other...
Very, very poor PF!

Best regards,
Wayne
Title: Re: How pathetic!!
Post by: Stefan on November 29, 2017, 07:50:20 pm
There is a saying in US sports;

No one hates a team that sucks, they are pitied! 

You must be doing something right to catch so much grief.
Title: Re: How pathetic!!
Post by: cmb on December 03, 2017, 04:34:04 am
Sorry you guys had to waste the effort and money on it. I feel your pain, but will have to leave it at that (for now, at a minimum).

Being so strongly associated with pfSense, I just wanted to leave a note that I'm no longer involved there, and had no involvement in any of this.

I heard pfsense/FreeBSD-src repo is no longer being updated the past few months (e.g. they're not building from the github repos and not making the OS source available). I don't follow things there, fully consumed with work at Ubiquiti, but there are a number of little birdies that get in touch from time to time. :) That leaves OPNsense the only truly open source BSD firewall distro under active development.
Title: Re: How pathetic!!
Post by: mimugmail on December 03, 2017, 06:10:31 am
Chris, if you have some time at U., I'd love to build your controller as a plugin for OPN, already ordered a UAP-AC-PRO and UAP-AC-LR. Would be a nice addition to the project to make this a more complete UTM. :)
Title: Re: How pathetic!!
Post by: franco on December 03, 2017, 08:50:11 am
Chris, if you have some time at U., I'd love to build your controller as a plugin for OPN, already ordered a UAP-AC-PRO and UAP-AC-LR. Would be a nice addition to the project to make this a more complete UTM. :)

... Michael is all work. :)
Title: Re: How pathetic!!
Post by: Gargamel on December 04, 2017, 12:33:32 pm
Good thing i decided to go with OPNSense over pfSense, but mainly because of elitist answers and noses stuck up in the air, not being of any help in the forum when askin for help.
Title: Re: How pathetic!!
Post by: athurdent on December 08, 2017, 09:03:56 am
They also distribute binary blobs on the newer versions now:
https://github.com/doktornotor/pfsense-closedsource/blob/master/var_run%20space%20totally%20consumed%20by%20gnid.pdf
Having a tool on my firewall that somehow generates a system support id I do not necessarily need on a community supported edition leaves a sore taste.

Plus they seem to be very unlucky when it comes to hire staff that deals with the public / users / reddit.

I already switched most of my config to a USG, I think I might switch to OPNsense for the things the USG cannot do yet or is too slow for (i.e. OpenVPN).
I won't be missed over there :)
Title: Re: How pathetic!!
Post by: MasterXBKC on December 10, 2017, 08:24:59 am
And as of late, refusing to honor our warantees as well.....
Title: Re: How pathetic!!
Post by: 3kj2w on February 02, 2018, 10:30:47 am
Hello,

I was disappointed when I found about this netgate story and started to investigate a little, finally I was banned from dark side forum after they read my... Private Messages. They didn't deleted my account as this can be seen by all users...  wow what a surprise. Not a problem as I don't want to be associated in any way with dark forces.

The interesting thing is that after I set-up in different countries a monitoring log for few pfsense firewalls v2.3.x where I don't have anything related to them active: no update, ntp, dns...  and still found it is chatting to dark HQ without my consent ?!
I tracked and blocked:
162.208.116.0/22
208.123.73.0/24

and this are the destination IP where dark firewalls try to connect like crazy now without any notification:
162.208.119.40:443
162.208.119.41:443
162.208.119.38:53
Title: Re: How pathetic!!
Post by: athurdent on February 02, 2018, 12:50:20 pm
Interesting.

162.208.119.38 is ns2.netgate.com, so if you run unbound as a resolver without any forwards and try to resolve www.netgate.com, you'll probaby see port 53 traffic a lot.
The .40 and .41 seem to be used when pressing the "check for update" button, at least when I press it, tcpdump shows SSL traffic to them.

Would be really great if OPNsense had tls-crypt support for OpenVPN, then I could give it a try. :)

Title: Re: How pathetic!!
Post by: 3kj2w on February 02, 2018, 02:51:33 pm
As you can see in this print screens one pfsense firewall try to phone home every 10 minute after was unable to contact HQ C&C, it has the same IP as they banned. Unbound Resolver seem that it is not helping here...

(https://s17.postimg.org/4n72gwnln/Screenshot_2018-02-02_14-17-41.jpg) (https://postimg.org/image/4n72gwnln/) (https://s17.postimg.org/4zygn2qfv/Screenshot_2018-02-02_09-17-36.jpg) (https://postimg.org/image/4zygn2qfv/) (https://s17.postimg.org/hel8nepnv/Screenshot_2018-02-02_14-30-48.png) (https://postimg.org/image/hel8nepnv/)

Since pfsense entered Serial and Netgate Unique ID in to a community release advertised as OpenSource they can and they do track everybody who use this sw.... if you go to package they will know exactly what package you have installed and using.
If you post in pfsense/netgate forum they will know exactly your pfSense installation, package if it is linked to firewall IP.

< edited >
Title: Re: How pathetic!!
Post by: franco on February 02, 2018, 03:25:35 pm
Let's please not get into conspiracy theories here. :)
Title: Re: How pathetic!!
Post by: 3kj2w on February 02, 2018, 03:31:13 pm
OK I edited and only facts remained in post.
Title: Re: How pathetic!!
Post by: franco on February 02, 2018, 03:44:38 pm
Thank you :)


Cheers,
Franco
Title: Re: How pathetic!!
Post by: elektroinside on February 02, 2018, 03:59:59 pm
Most software developers add "call home" functionality to their software, sending and receiving data. That's not necessarily bad. What would be bad is to send home private and user identifiable data, without user consent. There's a line nobody should cross.
Title: Re: How pathetic!!
Post by: 3kj2w on February 02, 2018, 04:07:17 pm
Any sw that send data from user device without user knowing and accepting this it is bad.
Title: Re: How pathetic!!
Post by: mimugmail on February 02, 2018, 04:45:07 pm
I think this is the Update Check in the Dashboard which can be disabled ... Easy
Title: Re: How pathetic!!
Post by: 3kj2w on February 02, 2018, 09:27:17 pm
Nope it is not that easy this will disable the widget update check on main screen only, and I already had that checked from along time ago.

I did some hack ( add comment to line ) to disable the check in:
/usr/local/sbin/pfSense-upgrade -> # pfsense_upgrade=$(realpath $(dirname $0)/../libexec/$(basename $0))
and
/usr/local/www/system_update_settings.php -> // exec("/usr/bin/fetch -q -o {$g['tmp_path']}/manifest \"{$g['update_manifest']}\"");

also changed the repo address and keys in each file from dir:
/usr/local/share/pfSense/keys/
/usr/local/share/pfSense/pkg/repos
...

edit:
better to disable forever the binary that generate the ID: https://www.reddit.com/r/PFSENSE/comments/6gq84t/closed_source_for_netgate_unique_id_generator/
rm /usr/sbin/gnid

then to add a startup script that delete the uniqueid:
rm /var/db/uniqueid

after a reboot it is silence for the moment even if I navigate to update and package menus.

edit2:
bogons files are also downloaded from pfsense site and because are obsolete and dangerous you have to edit:
/etc/rc.update_bogons.sh
to point it directly to source:
Code: [Select]
v4url=${v4url:-"http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt"}
v6url=${v6url:-"http://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt"}
...
Title: Re: How pathetic!!
Post by: 3kj2w on May 18, 2018, 09:30:11 pm
Darkness is expanding ? Anybody know the story behind this ?
(https://s7.postimg.cc/iq0vzyyrb/Screenshot_2018-05-18_21-27-06.png) (https://postimg.cc/image/iq0vzyyrb/)

It is not easy to hide the past:
https://github.com/doktornotor/pfsense-still-closedsource
https://github.com/rapi3/pfsense-is-closed-source
Title: Re: How pathetic!!
Post by: fabian on May 18, 2018, 09:44:10 pm
Just follow the "publicly posted" link and you can read the story. GitHub is very transparent in such cases.
Title: Re: How pathetic!!
Post by: franco on May 18, 2018, 10:18:46 pm
This is nothing new. Everything is open source, except when open source and forking hurts business. Then the trademark is enforced and DCMA is leveraged.  Same thing in 2014:

https://marc.info/?l=pfsense-dev&m=139961925220457&w=2

Let it go guys, nothing to see here...


Cheers,
Franco