Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
WISH LIST for OPNsense
« previous
next »
Print
Pages:
1
[
2
]
3
4
Author
Topic: WISH LIST for OPNsense (Read 36710 times)
chol
Jr. Member
Posts: 99
Karma: 17
Re: WISH LIST for OPNsense
«
Reply #15 on:
June 09, 2015, 02:55:20 pm »
As far as ZFS and OPNsense are concerned, actually it is sometimes not uninteresting to buy a book and read.
I bought me the new 2nd ed. of "The Design and Implementation of the FreeBSD Operating System". There, introductory page 24 has some interesting specs:
The Zettabyte filesystem is listed as having 256125 lines of code, which represent 16,2% of the machine-independent code of the 2015 FreeBSD kernel.
Out of a strict security viewpoint, this was a huge attack surface, isn't it?
Power failure: Did you have problems with the use of an embedded OPNsense version or with a full install? Seems to me, you're calling for a nanoBSD version at your site, with RAM disk and an external log server.
Logged
weust
Hero Member
Posts: 650
Karma: 57
Re: WISH LIST for OPNsense
«
Reply #16 on:
June 09, 2015, 03:11:42 pm »
You actually go though the pain or changing the colour for the occasional (re)boot of the machine?
Damn...
Logged
Hobbyist at home, sysadmin at work. Sometimes the first is mixed with the second.
Supermule
Full Member
Posts: 235
Karma: 15
Re: WISH LIST for OPNsense
«
Reply #17 on:
June 09, 2015, 03:18:17 pm »
No no it survives the reboot.
It doesnt survive an update to a newer version
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: WISH LIST for OPNsense
«
Reply #18 on:
June 09, 2015, 03:25:53 pm »
Quote from: Supermule on June 09, 2015, 12:18:51 pm
I need some click and edit options
Maybe we can work out something better. Loader.conf should have a GUI like Tunables. We also want to bundle a colour picker for the themes eventually. Everything is SCSS so you can have branding colours throughout the GUI consistently.
chol: modern file system tend to grow considerably in LOC. It's a tradeoff between stability vs. complexity vs. features. Features and stability win for ZFS. Not sure about the volume of exploits against it, but I haven't seen many.
Logged
Supermule
Full Member
Posts: 235
Karma: 15
Re: WISH LIST for OPNsense
«
Reply #19 on:
June 09, 2015, 04:39:40 pm »
That would be awesome!
Currently using the file manager package in pfsense to do the editing.
Logged
windozer
Newbie
Posts: 15
Karma: 2
Re: WISH LIST for OPNsense
«
Reply #20 on:
June 10, 2015, 07:28:50 am »
I'm not sure whether this classifies as a wish for FreeBSD or OPNsense, but here it is -
baby-jumbo frames
in PPPoE.
Logged
jstrebel
Full Member
Posts: 188
Karma: 23
Re: WISH LIST for OPNsense
«
Reply #21 on:
June 10, 2015, 10:52:26 am »
What is the application for this? PPPoE is normally limitted by the operator to 14xx.
Gesendet von iPhone mit Tapatalk
Logged
windozer
Newbie
Posts: 15
Karma: 2
Re: WISH LIST for OPNsense
«
Reply #22 on:
June 10, 2015, 12:17:47 pm »
Mostly found in FTTx(fibre) and in some cases (v)DSL. It's an extension to PPPoE that makes up for the PPPoE overhead & thus to have MTU like LAN - therefore less segmentation. This is assuming that the WAN port is gigabit capable because the MTU is set to 1508. It's prevalent in UK and rest of the world.
RFC 4638 - Accommodating a Maximum Transit Unit/Maximum Receive Unit (MTU/MRU) Greater Than 1492 in the Point-to-Point Protocol over Ethernet (PPPoE)
OpenBSD RFC 4638 support for pppoe
«
Last Edit: June 10, 2015, 12:56:28 pm by windozer
»
Logged
gratis
Newbie
Posts: 15
Karma: 5
Re: WISH LIST for OPNsense
«
Reply #23 on:
June 16, 2015, 07:01:25 pm »
How about DNSCrypt?
Currently using OpenWRT router with DNSCrypt package, and a few FreeBSD machines using dnscrypt-proxy pkg with Unbound. Apparently, there is discussion on the PFSense forum of people doing a "pkg install dnscrypt-proxy" from the terminal and getting it setup FreeBSD style, even though it is not currently a PFSense package, but on OPNSense the package is not found in the repository.
I am currently testing the OpenDNS functionality of OPNSense, but there are a lot of DNSCrypt enabled DNS servers out there, other than just OpenDNS, as seen here:
https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv
Just sharing my thoughts, for what it's worth... Great work, by the way.
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: WISH LIST for OPNsense
«
Reply #24 on:
June 16, 2015, 07:33:57 pm »
Gratis, I have added dnscrypt-proxy to the package mirror:
https://github.com/opnsense/tools/commit/2d415dbd9facf476d308746baceafad3a7913349
As soon as 15.1.12 is out tomorrow, it can be installed using the usual pkgng magic. If somebody works on getting GUI support going for OPNsense, we're more than happy to help polish it and pull it in.
Logged
gratis
Newbie
Posts: 15
Karma: 5
Re: WISH LIST for OPNsense
«
Reply #25 on:
June 17, 2015, 11:44:56 am »
Very nice. Thanks for the prompt response, and your efforts...
Logged
guest7876
Guest
Re: WISH LIST for OPNsense
«
Reply #26 on:
July 18, 2015, 11:55:19 am »
my Wish list includes Tor and polipo as a caching proxy for Tor. have not investigated whether squid could
be used in place of polipo.
both of these packages are available to FreeBSD 10.1.
i wouldnt mind helping with building the GUI for this add-ons once you get your plans finished up for
how the Add-ons will be integrated. i know some about bootstrap.
this would be awesome from the security point for people.
other one would be sixxs-aiccu for IPv6 Tunnel since my provider doesnt provide v6.
also willing to help on building the GUI for this one as well.
let me know what i can do to help and point me to any documentation on a starting point.
im pretty well versed on pkg and how it works.
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: WISH LIST for OPNsense
«
Reply #27 on:
July 18, 2015, 07:19:44 pm »
Hi wild045,
I will take care of the packages requests soon:
https://github.com/opnsense/tools/issues/12
As far as pkg and our new plugin infrastructure (what pfSense calls packages essentially) goes one doesn't need to care about pkg at all as the plugin build framework wraps everything already. What is barely working is the plugin plugin into the running system. It works by manually reloading the web server, typing the URL in the browser, but we want to have a dynamic menu and backend service as well to make sure the plugins deserve their name.
If anybody wonders why plugins are not named packages, well, FreeBSD already has designated terms for ports and packages and everything is already packaged in OPNsense (except base/kernel) so we thought plugins would be a more fitting term. Also, alliterations are neat.
Cheers,
Franco
Logged
guest7876
Guest
Re: WISH LIST for OPNsense
«
Reply #28 on:
July 18, 2015, 10:32:00 pm »
Franco,
i understand the pkg system well. ive been a FreeBSD admin since before 4.x came out.
please dont forget the sixxs-aiccu package. for people that need the v6 tunnel to sixxs , its handy.
looking forward to seeing how you implement the dynamic framework in opnsense. and then i can get to
work, working on getting GUI's for the few packages i referenced.
in the meantime , im assuming i can just install the packages i referenced and edit the config files manually
and start the services correct?
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: WISH LIST for OPNsense
«
Reply #29 on:
July 19, 2015, 10:23:54 am »
Not all packages from the repository are installed by default. You can query the remote by:
# pkg rquery "%n: %c"
You'll notice sixxs-aiccu is already there waiting to be installed.
And, yes, you can configure /etc/rc.conf, but you'll have to run "service xxx start" manually for now. We have an automatic hook, but it needs to be replaced as it is not working very well, e.g. with open-vm-tools(-nox11).
Logged
Print
Pages:
1
[
2
]
3
4
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
WISH LIST for OPNsense