"
Me do it? LOL I can literally see mountains toppling and airplanes falling from the sky...lol I have absolutely no skill in those areas. This would be an excellent project for crowdsourcing! Plenty of young up n comers would love to attach their name to a project like OPNsense and gain some credibility.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
General Discussion / Re: Any chance of an SYNOLOGY type of FREENAS?
June 07, 2015, 07:31:50 PM
I did put my thoughts to them in the forums/feedback/ suggestions areas. I have been doing it for over 2 years. It is a great product but they seem to be very stubborn to change. lol
#3
General Discussion / Re: New here and just saying Hello!
June 07, 2015, 07:29:56 PM
Just putting a place marker here. Running errands and going to the gym. When I get back I will respond to this. Some really great stuff here. Thanks!
#1 -
PC-BSD
Hmmmm, pretty neat. I will have to investigate it. Could this be a great way to learn FreeBSD without having to deal with the raw command line only *.BSD style OS?
#2 - OK. You mentioned some great starter tips there so I will check them out. I do have an insanely busy 2 months ahead of me so I have to temper my eagerness to dive in with my workload. Literally working 6-7 days a week to meet various client deadlines (sole proprietor here!) all fudged up due to construction delays. Several thousand feet of Cat6 to drop, a few hundred Keystone Jacks to put in, rack systems to set up, Synology NAS appliances, WiFi APs, and even a Ubiquiti NanoBeam AC to install to bridge 2 old buildings half a mile apart in a remote wooded campus. *Truth be told, that is going to be fun to do. I love doing the oddball stuff! Gets my blood flowing.
#3 -
"In a totally professional IT you would not need to have a pfSense at all in the first place!"
Yeah, true for sure. I like offering something like PF/OPNsense to the many small biz clients I deal with that really are on tight budgets. Although, I rarely find it affordable though because by the time I build and setup their custom rig, they could have bought a UTM like the ZyXel USG40. Still, I try to promote the open source items out there to build awareness and open minds.
#4 -
"I see no stoneage, at all: Look up our LibreSSL aproach"
Sorry, I was not clear. I meant that I feel that vibe from the pfSense project specifically, not the 'pf' world in general. Did I say that clearly or just confuse you further? lol I definitely get the impression OPN is trying to be more advanced....absolutely! Again, I don't want to criticize or armchair quarterback too much because I have very limited knowledge of these subjects and have no grounds to point fingers. And to be fair, I have been reading about their plans for 2.3 and it seems like they are going to be more progressive. Which also makes me wonder if that was their intention or did the OPN project motivate them? lol Either way, a fun ride for goofs like me.
#1 -
PC-BSD
Hmmmm, pretty neat. I will have to investigate it. Could this be a great way to learn FreeBSD without having to deal with the raw command line only *.BSD style OS?
#2 - OK. You mentioned some great starter tips there so I will check them out. I do have an insanely busy 2 months ahead of me so I have to temper my eagerness to dive in with my workload. Literally working 6-7 days a week to meet various client deadlines (sole proprietor here!) all fudged up due to construction delays. Several thousand feet of Cat6 to drop, a few hundred Keystone Jacks to put in, rack systems to set up, Synology NAS appliances, WiFi APs, and even a Ubiquiti NanoBeam AC to install to bridge 2 old buildings half a mile apart in a remote wooded campus. *Truth be told, that is going to be fun to do. I love doing the oddball stuff! Gets my blood flowing.
#3 -
"In a totally professional IT you would not need to have a pfSense at all in the first place!"
Yeah, true for sure. I like offering something like PF/OPNsense to the many small biz clients I deal with that really are on tight budgets. Although, I rarely find it affordable though because by the time I build and setup their custom rig, they could have bought a UTM like the ZyXel USG40. Still, I try to promote the open source items out there to build awareness and open minds.
#4 -
"I see no stoneage, at all: Look up our LibreSSL aproach"
Sorry, I was not clear. I meant that I feel that vibe from the pfSense project specifically, not the 'pf' world in general. Did I say that clearly or just confuse you further? lol I definitely get the impression OPN is trying to be more advanced....absolutely! Again, I don't want to criticize or armchair quarterback too much because I have very limited knowledge of these subjects and have no grounds to point fingers. And to be fair, I have been reading about their plans for 2.3 and it seems like they are going to be more progressive. Which also makes me wonder if that was their intention or did the OPN project motivate them? lol Either way, a fun ride for goofs like me.
#4
General Discussion / Re: WISH LIST for OPNsense
June 07, 2015, 07:28:13 PMQuote from: chol on June 07, 2015, 03:15:39 PM
Please keep in mind, that our OPNsense project just started
No excuse! You should have started perfectly from day one! LOL :P
All kidding aside - I love to see people like you start these new projects! Competition is a wonderful thing. You are based in The Netherlands. I am from America and I have direct personal experience seeing what damage can come from a lack of it - mergers, acquisitions and monopolies - it is destroying growth and innovation here. As an example - in most states here, generally, there is no choice when it comes to broadband access. You can either choose the local cable company monopoly or the telco DSL service. That is not a choice and as un-American as it can get.
So, I always try to educate family, friends and clients about open source and projects like this one. It is wonderful to see new ideas and innovation! Icing on the cake? It's free! WOW!
#5
General Discussion / Re: OPNsense mascot
June 06, 2015, 03:59:42 PM
I like it. WOuld love to see a different version. Something with a full body like the Android Bot DROID guy thingy who-zee what-sit. lol THis would be great on t-shirts and desktop bobble-heads and stickers.
#6
General Discussion / Any chance of an SYNOLOGY type of FREENAS?
June 06, 2015, 03:54:47 PM
Huh? WTF am I talking about?
Let me explain. ;D
I get the impression the people behind OPN are going to create what I have always dreamed PF could be. Ergo, I would love to see a similar project for FREENAS.
What has prevented me and others from using or offering FREENAS as a solution is the exact thing that makes it so great - it is only good at storage. Period. It does it very well and add-in ZFS and ECC RAM and you are blown away. Yet, this is exaclty what is bad about it. It does not do much else unless you want to go rolling in the deep of strange packages, CLI, duct tape and reading from the book of Dr. Frankenstein.
If someone could take that basic structure and make it function like Synology or QNAP - it would be shake the earth IMO. A Synology or QNAP device can be lean mean storage but can also offer more with their extensive library of add-ons. This gives SOHO and MICRO biz clients the most bang for the buck. Sadly, their low to midrange products do not offer ECC RAM or ZFS. Yet, I can build a $500 FREENAS box with ECC ram! UGHHH!
Any way, just food for thought guys. Maybe you have some friends either jealous of your OPN project or just bored and looking for something to dig into.
Let me explain. ;D
I get the impression the people behind OPN are going to create what I have always dreamed PF could be. Ergo, I would love to see a similar project for FREENAS.
What has prevented me and others from using or offering FREENAS as a solution is the exact thing that makes it so great - it is only good at storage. Period. It does it very well and add-in ZFS and ECC RAM and you are blown away. Yet, this is exaclty what is bad about it. It does not do much else unless you want to go rolling in the deep of strange packages, CLI, duct tape and reading from the book of Dr. Frankenstein.
If someone could take that basic structure and make it function like Synology or QNAP - it would be shake the earth IMO. A Synology or QNAP device can be lean mean storage but can also offer more with their extensive library of add-ons. This gives SOHO and MICRO biz clients the most bang for the buck. Sadly, their low to midrange products do not offer ECC RAM or ZFS. Yet, I can build a $500 FREENAS box with ECC ram! UGHHH!
Any way, just food for thought guys. Maybe you have some friends either jealous of your OPN project or just bored and looking for something to dig into.
#7
General Discussion / Re: WISH LIST for OPNsense
June 06, 2015, 03:43:47 PM
Totally agree with all of the above! I'll add to this -
Forgive my constant referencing of pfSense, as it is the only FREEBSD exposure I have ever had router-wise.
#1 - EDITABLE THEMES -
easily accessed and EASILY edited/customized. I don't care about re-branding, though obviously some would love that. I would like it more for general reasons. Example - the webconfig login screen will show the product is OPNsense. I would love to be able to easily 'vanilla' this with my own image and create a generic login page that does not give any clue as to the router OS. I have a client whose employee went to the login page of the pfSense gateway, saw that it was pfSense, and began Googling the various hacks to bypass it. And he did! When confronted (before he was fired) he admitted that the "login page gave it away". If the page had just a pretty picture that said WELCOME! Login: Password: and nothing more he would have been stumped. Security aside, maybe for goofy fun, I would like to put pictures of mountains or oceans or maybe a theme that allows me to use a router name/description (Router - 1st Floor - Library Building) so I know which one I just connected to without actually having to login. This shouldn't be hard or compromise performance or security so I cannot imagine why it could not easily be integrated.
#2 - DOCUMENTATION -
One thing pfSense seems to have dropped the ball on is proper documentation. Unless I am mistaken, you either have to pay $100 (GOLD STATUS) to get their book and keep paying every year for the regular updates or search and comb through myriads of unclear forum pages. Their online handbook is not a bad start and certainly helps a lot, but it still leaves much to be desired and is often left at generic boilerplate levels of detail with no case study or use examples. OPNsense should not make this mistake.
#3 - CRON JOB STORAGE -
One thing that frustrates me with pfSense is that I cannot store CRON jobs in a disabled state for later use. I can setup and store Firewall Rules and just set them as disabled. Couldn't the same be done for CRON jobs? Or just offer some kind of 'storage' for them and a simple CRON tab with an ADD/REMOVE section?
Currently I keep various CRON jobs in an Excel spreadsheet then copy/paste as needed. Sooooooo 1995! lol
#4 - AUTO RESET STATES -
pfSense seems hit or miss on this. You setup rules to throttle bandwidth or shut off internet access but someone doing something a bit meatier like a Skype session will remain connected LONG after the rule went into effect. So, you have to cron job to either reset all states or just reset for a certain ALIAS group. Why isn't that just automatically incorporated into a firewall rule and programmed to comply with the ALIAS of that rule only? Example - Terminate internet access at 11PM for alias - IP ADDRESS GROUP - then a state reset runs and only resets 'IP ADDRESS GROUP' and leaves everyone else untouched. Talk about making the life of an admin easier! High end firewalls terminate when told to terminate. I would think PF and OPN could do this too.
That is about all I can think of for now. Will add more if I think of any.
Forgive my constant referencing of pfSense, as it is the only FREEBSD exposure I have ever had router-wise.
#1 - EDITABLE THEMES -
easily accessed and EASILY edited/customized. I don't care about re-branding, though obviously some would love that. I would like it more for general reasons. Example - the webconfig login screen will show the product is OPNsense. I would love to be able to easily 'vanilla' this with my own image and create a generic login page that does not give any clue as to the router OS. I have a client whose employee went to the login page of the pfSense gateway, saw that it was pfSense, and began Googling the various hacks to bypass it. And he did! When confronted (before he was fired) he admitted that the "login page gave it away". If the page had just a pretty picture that said WELCOME! Login: Password: and nothing more he would have been stumped. Security aside, maybe for goofy fun, I would like to put pictures of mountains or oceans or maybe a theme that allows me to use a router name/description (Router - 1st Floor - Library Building) so I know which one I just connected to without actually having to login. This shouldn't be hard or compromise performance or security so I cannot imagine why it could not easily be integrated.
#2 - DOCUMENTATION -
One thing pfSense seems to have dropped the ball on is proper documentation. Unless I am mistaken, you either have to pay $100 (GOLD STATUS) to get their book and keep paying every year for the regular updates or search and comb through myriads of unclear forum pages. Their online handbook is not a bad start and certainly helps a lot, but it still leaves much to be desired and is often left at generic boilerplate levels of detail with no case study or use examples. OPNsense should not make this mistake.
#3 - CRON JOB STORAGE -
One thing that frustrates me with pfSense is that I cannot store CRON jobs in a disabled state for later use. I can setup and store Firewall Rules and just set them as disabled. Couldn't the same be done for CRON jobs? Or just offer some kind of 'storage' for them and a simple CRON tab with an ADD/REMOVE section?
Currently I keep various CRON jobs in an Excel spreadsheet then copy/paste as needed. Sooooooo 1995! lol
#4 - AUTO RESET STATES -
pfSense seems hit or miss on this. You setup rules to throttle bandwidth or shut off internet access but someone doing something a bit meatier like a Skype session will remain connected LONG after the rule went into effect. So, you have to cron job to either reset all states or just reset for a certain ALIAS group. Why isn't that just automatically incorporated into a firewall rule and programmed to comply with the ALIAS of that rule only? Example - Terminate internet access at 11PM for alias - IP ADDRESS GROUP - then a state reset runs and only resets 'IP ADDRESS GROUP' and leaves everyone else untouched. Talk about making the life of an admin easier! High end firewalls terminate when told to terminate. I would think PF and OPN could do this too.
That is about all I can think of for now. Will add more if I think of any.
#8
General Discussion / Re: New here and just saying Hello!
June 06, 2015, 01:57:59 AM
Thank you kindly Franco for the words and the welcome.
Yes, I understand upgrades, etc. don't always go well and I don't expect perfection. I think my point was that there is maybe a bit too much 'chaos' with pfSense at this time. Again, I hate to judge because I only know Windows. That is my world. I work with it, in it, every day. FreeBSD is such a strange world to me. I plan on taking small bites at it when I can over the next few years and try to become more educated/skilled. I realize the *BSD wizards out there can make pfSense and OPNsense dance to any tune they desire.
All of that said, I look at the OPNsense GUI and it is so much more lovely! I guess Bootstrap is today what Ajax was or could have been? Sorry if I am ignorant...I am a network guy, not a programmer. lol I have literally just started to play with WordPress to revamp my corp. website.
Question -
I have installed OPNsense under VMWARE Workstation 11 yesterday and toyed a bit with it. Don't have VM TOOLS installed yet...but don't think I even need them...or do I for security/performance?
My next step is to wait for your road map release at July 1st that will allow pfSense configs to be imported. Then I am going to install to a spare HD I have and put it in my home router and go live for a week or so. If I have a problem, I can easily put the pfSense HD back in.
It also seems that OPNsense has WLAN support that is ahead of or better than PF. Just my impression from skimming your website and materials quickly. That is nice to see, because the main POV with the PF gurus is don't even bother, just get an AP and plug it into a port. Which is fine and what I prefer to do in the business world. However, it is definitely nice to see some progress toward newer technologies. Sometimes it seems like the PF crowd are happy living in the stone age...so to speak. Again, just my observations and not meant to put down any project. I enjoy options and look forward to seeing PF and OPN grow and progress successfully.
Yes, I understand upgrades, etc. don't always go well and I don't expect perfection. I think my point was that there is maybe a bit too much 'chaos' with pfSense at this time. Again, I hate to judge because I only know Windows. That is my world. I work with it, in it, every day. FreeBSD is such a strange world to me. I plan on taking small bites at it when I can over the next few years and try to become more educated/skilled. I realize the *BSD wizards out there can make pfSense and OPNsense dance to any tune they desire.
All of that said, I look at the OPNsense GUI and it is so much more lovely! I guess Bootstrap is today what Ajax was or could have been? Sorry if I am ignorant...I am a network guy, not a programmer. lol I have literally just started to play with WordPress to revamp my corp. website.
Question -
I have installed OPNsense under VMWARE Workstation 11 yesterday and toyed a bit with it. Don't have VM TOOLS installed yet...but don't think I even need them...or do I for security/performance?
My next step is to wait for your road map release at July 1st that will allow pfSense configs to be imported. Then I am going to install to a spare HD I have and put it in my home router and go live for a week or so. If I have a problem, I can easily put the pfSense HD back in.
It also seems that OPNsense has WLAN support that is ahead of or better than PF. Just my impression from skimming your website and materials quickly. That is nice to see, because the main POV with the PF gurus is don't even bother, just get an AP and plug it into a port. Which is fine and what I prefer to do in the business world. However, it is definitely nice to see some progress toward newer technologies. Sometimes it seems like the PF crowd are happy living in the stone age...so to speak. Again, just my observations and not meant to put down any project. I enjoy options and look forward to seeing PF and OPN grow and progress successfully.
#9
General Discussion / New here and just saying Hello!
June 03, 2015, 05:24:21 AM
Just stumbled across OPNsense. WOW! I just got done reading "So why did we fork?" All I can say is WOW!
Pretty new to pfSense, been a dedicated user for over almost 2 years, prior to that I was a long time DD-WRT user.
My story is likely typical. Grew sick of the consumer junk and DD-WRT let myself and my clients have an advanced, feature rich yet affordable solution. As time went by, the website/mission of DD-WRT became more and more of a mess. It was time to move on. pfSense has filled that void quite nicely. However, I find myself sailing the same troubled waters! Although pfSense has improved tremendously, I still hesitate to update because I never know if it will go smoothly or if it will fail and present me with hard to resolve gremlin issues that take forever to fix.
These two lines from the "fork" article -
"As much as we love the functionality/feature set of pfSense, we do not enjoy the code quality and anarchistic development method."
"Fully reworked the GUI to a modern Bootstrap based one that is also easier to customize if you want to."
caught my attention enough to make me immediately register as a forum member(I did!)and want to set up an OPNsense VMWARE machine, try it, test it(I will!) and eventually migrate to it.
So, if you will pardon me, I have some research to do! lol
Pretty new to pfSense, been a dedicated user for over almost 2 years, prior to that I was a long time DD-WRT user.
My story is likely typical. Grew sick of the consumer junk and DD-WRT let myself and my clients have an advanced, feature rich yet affordable solution. As time went by, the website/mission of DD-WRT became more and more of a mess. It was time to move on. pfSense has filled that void quite nicely. However, I find myself sailing the same troubled waters! Although pfSense has improved tremendously, I still hesitate to update because I never know if it will go smoothly or if it will fail and present me with hard to resolve gremlin issues that take forever to fix.
These two lines from the "fork" article -
"As much as we love the functionality/feature set of pfSense, we do not enjoy the code quality and anarchistic development method."
"Fully reworked the GUI to a modern Bootstrap based one that is also easier to customize if you want to."
caught my attention enough to make me immediately register as a forum member(I did!)and want to set up an OPNsense VMWARE machine, try it, test it(I will!) and eventually migrate to it.
So, if you will pardon me, I have some research to do! lol
Pages1
