"
I give you an assessment of my various tests concerning the migration to OPNsense.
Regarding Freeradius, everything works very well, identification is good, in short, it's like pfS !
On the part Captive Portal, Traffic Shaper does the job perfectly, however and as I mentioned above, it lacks various features, we find the MAC addresses allowed, but nothing to block, or customize the bandwidth. I watched how pfS generates its rules, and here is the result with the name "test", and a bandwidth of 300Kbit :
Another missing feature, and useful for those who want to do external activations, is the Allowed Hostnames option. I looked at their source codes, and the function captiveportal_allowedip_configure_entry is all stupid, it uses the internal gethostbyname function of PHP to convert the hostname to IP, then generates its rules with also a bandwidth personalized.
To conclude, there is not much missing, for those who wish to make the leap to OPNsense, the integration of the bandwidth for each zone, and something quite possible, and fast enough to put in place. However, on comments from your GitHub repository, your architecture is totally different, and can not easily incorporate the same rules as pfS.
It is a challenge that I would have to take up, but between redoing my identification portal with registration form, plus the addition of working with tests, it is a job that would take me too much time to achieve.
I found so far the solution to virtualize under pfS, with Bhyve, a beautiful emulator that does not even require a graphical environment, because the framebuffer part does it in IP under VNC:
https://www.ateamsystems.com/tech-blog/howto-windows-10-bhyve-w-freebsd-11/
I was able to install a Windows 10, and facilitate my testing of each VLAN linked to an area of the captive portal, in the end, I do not need to have a second PC desktop to remotely test the result of my Wifi portals.
So I will stay for the moment under pfS, to catch up the delay that I cumulated during these last weeks, and to plan later the migration towards OPNsense.
Question: Will we ever have the opportunity to have these few missing features ?
If no certainty, do you advise me to make it under a plugin, or an agreement to do it on the core of OPNsense, and after validation on your part, you will add it on your deposit ?
Regarding Freeradius, everything works very well, identification is good, in short, it's like pfS !
On the part Captive Portal, Traffic Shaper does the job perfectly, however and as I mentioned above, it lacks various features, we find the MAC addresses allowed, but nothing to block, or customize the bandwidth. I watched how pfS generates its rules, and here is the result with the name "test", and a bandwidth of 300Kbit :
Code Select
table _pipe_mac delete any,08:00:27:00:00:00
table _pipe_mac delete 08:00:27:00:00:00,any
pipe delete 2000
pipe delete 2001
pipe 2000 config bw 300Kbit/s queue 100 buckets 16
pipe 2001 config bw 300Kbit/s queue 100 buckets 16
table test_pipe_mac add any,08:00:27:00:00:00 2000
table test_pipe_mac add 08:00:27:00:00:00,any 2001Another missing feature, and useful for those who want to do external activations, is the Allowed Hostnames option. I looked at their source codes, and the function captiveportal_allowedip_configure_entry is all stupid, it uses the internal gethostbyname function of PHP to convert the hostname to IP, then generates its rules with also a bandwidth personalized.
To conclude, there is not much missing, for those who wish to make the leap to OPNsense, the integration of the bandwidth for each zone, and something quite possible, and fast enough to put in place. However, on comments from your GitHub repository, your architecture is totally different, and can not easily incorporate the same rules as pfS.
It is a challenge that I would have to take up, but between redoing my identification portal with registration form, plus the addition of working with tests, it is a job that would take me too much time to achieve.
I found so far the solution to virtualize under pfS, with Bhyve, a beautiful emulator that does not even require a graphical environment, because the framebuffer part does it in IP under VNC:
Code Select
-s 7,fbuf,tcp=0.0.0.0:5900,w=1024,h=768,waithttps://www.ateamsystems.com/tech-blog/howto-windows-10-bhyve-w-freebsd-11/
I was able to install a Windows 10, and facilitate my testing of each VLAN linked to an area of the captive portal, in the end, I do not need to have a second PC desktop to remotely test the result of my Wifi portals.
So I will stay for the moment under pfS, to catch up the delay that I cumulated during these last weeks, and to plan later the migration towards OPNsense.
Question: Will we ever have the opportunity to have these few missing features ?
If no certainty, do you advise me to make it under a plugin, or an agreement to do it on the core of OPNsense, and after validation on your part, you will add it on your deposit ?
