I start OpnSense on VM and yes, this look much better than in PfSense. But still, in Insight i have IP's, not names, Tomato automatically resolve it (local and remote), OpnSense can to do this too? This better fit for data from first two photos. Thrid photo with data about transfer rates - Insight is not solution or i not see it. Where i click on local IP and get historical graph?One more thing - QOS. In tomato i check Bandwich limiter, set IP/MAC and max transfer for it. Few clicks and ip is limited. In OpnSense i get few pages witch tons of options, not see easy solution, i must make queues, rules, pipes. Grrrr, i need only limit one ip! Or make priority for DNS/www/ftp/whatever - QOS -> source/destination -> port/L7 -> bandwith -> done. Easy and uderstable. Powerful options in easy and clear GUI. In OpnSense we get extensive monitoring tools, each of which shows only a part of the necessary information. And there is no way to find something like that in Tomato. And it is precisely this type of charts with a minimum of redundant information that has caused that this firmware has been keeping its shape on the market for over 10 years. And no modern open source platform can even come close to that. Without tedious setting filters or breaking through hundreds of incomprehensible options. Click and after a few seconds you get a set of information - you can see if the computer has worms/rootkits, who occupies the whole band, etc. This is basic information about the network and should be available immediately in an understandable form. Why can't developers make it that simple in OpnSense for example?And i still buy routers for Tomato for friends. Set and forgot - work like a charm. Problem - fast look in gui and i see where is problem.
Ok, thanks. Sorry, maybye my last post is too pompous. But, i need simple solution which works. OpnSense works - but configuration is too problematic. When i test OpnSense i configured RouterOnAStick with one interface i cant find option to enter upstream dns server - basic option. Some time ago i need make 3-wan solution with failover/load balancing. I make config from tutorials - work terrible. Problems with sticky connections, login to banks or other sites almost always fail. Need make additional unlogic profiles, and other miracles. I buy cheap ER-X, set wizard config, set sticky connections and.... work without ANY issues. So, i suggest make interface easier and condense options in logic places.How i find worms? I have realtime connection lists, i can see connections to C&C, a upload do strange servers, or any other strange behavior. This is not perfect, but i always find problems with computers by this way. This is reason why i love this option. Or old internet radio have not working today time servers hardcoded. In connection list i find connections to port 123, make iptables rule to make destination, put it on custom firewall rules box - and work. Easy and fast. Ok, maybye im too stupid for this solution. But please - use 2 days router with Tomato - You see what i talking about. Advanced options in easy Gui. Opn is like a Webmin - all available options is displayed - confuse level max, faster and easier is make config by CLI.
Maybe openwrt or something like that is the way you have to look at - a router OS, not a enterprise level firewall
When you look at the competitors to OPNsense (Sophos,Watchguard,...) you'll see that OPNsense is the easiest one to configure and has the better UI.But with more functions you have more options...
Quote from: lfirewall1243 on January 09, 2021, 06:48:36 pmWhen you look at the competitors to OPNsense (Sophos,Watchguard,...) you'll see that OPNsense is the easiest one to configure and has the better UI.But with more functions you have more options...Ok, i agree, but what is preventing the solutions I am talking about? All in all, it is a matter of reorganizing the script, adding options to the gui. Do all advanced administrators feel better when it takes a few minutes to check a simple thing in the gui?
