OPNsense 17.1 Released, Based On FreeBSD 11

An anonymous reader quotes Phoronix: OPNsense 17.1 is now available as the newest release of this network-focused FreeBSD-based operating system forked from pfSense. It's now been two years since the first official release of OPNsense and to celebrate they have out a big update. OPNsense 17.1 re-bases to using FreeBSD 11.0, there's now a SSH remote installer, new language support, more hardening features used from HardenedBSD, new plugins, integrated authentication via PAM, and many other improvements. Some of the new plug-ins include FTP Proxy, Tinc VPN, and Let's Encrypt support.
This version has been named "Eclectic Eagle".

Past pfSense user

[OffTheLip]

Really was a fan of pfSense as an easy way to protect a network of many. Good to hear it's still a project.

Re:Past pfSense user

OPNsense and pfSense are two different projects, the former seems to be sort of an odd copy/fork of the latter (there's some drama between the two that I don't claim to understand).

Re:Past pfSense user

[Bigbutt]

I had to go read the About and the Why Fork section in the docs to see what was going on. Apparently some company bought much of pfSense, changed licenses, and branded some of it. The OPNsense folks, who were supporting it up to then, decided to fork the code.

I have been setting up my own firewall for about 20 years now I guess and recently, at the recommendation of a couple of friends, snagged pfSense for my new home VMWare environment. Worked for replacing the firewall and even better for the other services I was configuring on my own on my old gear. I may whip up a quick VM and load up OPNsense just to see what the fuss is about.

[John]

Re:Past pfSense user

[Bigbutt]

Eh. As you said, I don't care if they're assholes. If it's better, I don't have a problem using it. My firewall blocks all incoming connections so I don't have a real complicated setup. Now, with the additional features of pfSense, I've been using its DNS server, Load Balancer, NTP, and DHCP services for my internal environment. I've checked out some of the stats and cast syslog to my internal syslog server but nothing much more than that.

Throwing OPNSense up as a test isn't going to be a big deal and who knows, it might actually be better (for what I do). :shrug:

[John]

Re:Past pfSense user

[unixisc]

If that company makes routers or cable boxes, I would be interested in one that runs pFsense. Particularly the idea that it could be more secure than the Linux based ones, and that it would be somewhat mature in its IPv6 support

Re:Past pfSense user

[Billly+Gates]

It is. They sell racks with pfsense loaded on. I was reading maximumpc which is now owned by pcgamer last year from an editor who tried 10 GBS internet for his own. Guess what?

I saw a screenshot of his rack in his garage and I recognized the pfsense screen :&). Comcast uses the same equipment for load balancing and routing fast Ethernet and bundled it for him. He bought the rack as nothing consumer grade could handle greater than 2 gigs as a router and VPN for his home. Pfsense is actually owned by the FreeBSD project too so it's not fully private.

I use it at home for my virtual machines for my silly mcse exams. I used server 2k3 as a router for my virtual networks previously. Anyway I have a cloned image of pfsense for VMware and Hyper-V as the Freebsd project included guest services for both in the kernel

Re:Past pfSense user

[unixisc]

pFsense is actually a fork of m0n0wall, itself a fork of FreeBSD. iXsystems owns TrueOS (formerly PC-BSD) and somewhat implicitly, FreeBSD, but not pFsense.

Re:Aw fork it

[TheRaven64]

You used the word Linux a lot of times for a story that has absolutely nothing to do with Linux.

Re:Aw fork it

[hey!]

And the world needs another comment from someone who hasn't bothered to read the article summary? OPNsense is a BSD based firewall.

Re:pshaw!

[hey!]

I don't think he's paying attention.

Re:Yawn

[thsths]

Indeed. I am secret BSD fan, but all these forks are getting boring, and surely they do not help to make BSD more relevant.

Re:Yawn

[unixisc]

There ain't close to the number of forks of FreeBSD the way there are of Linux. Just a handful. OpenBSD has just 1 or 2 forks, NetBSD has just 1 - OpenBSD, and FreeBSD has a few, but which can be counted on 1 hand

Lack of Tinc kills pfSense for me

[Wokan]

I had the newest pfSense installed when I found out they hadn't ported the 2.2.x tinc plugin to 2.3. I switched to a Linux based firewall, but ipv6 setup hasn't worked yet after working flawlessly under pfSense. OPNsense sounds like it might just be the answer I've been looking for.

Pfsense?

[Billly+Gates]

Everyone and their brother uses pfsense and is part of the Freebsd project. Is OPNsense just a clone or a fork? What does it do that pfsense can't?

Re:Aw fork it

[I'm+just+joshin]

Whoosh...

Anyone with experience of this?

[dremspider]

I have been using pfsense for a few years now. I have been interested in this because i has an api. Long term i would like to build out something that can block ips based on elasticsearch queries using elastalert. If anyone has good or bad stories feel free to share!

Re:Aw fork it

[Billly+Gates]

Dude? It's not Linux. It's Freebsd and no it's not a distro by some fat guy in a basement either. It's part of the Freebsd project and foundation. Get with the program!

Re:Tinc part of pfsense for years

[Billly+Gates]

Here is an article from 2014 http://pfsensesetup.com/vpn-tu...?

Also the ports are included too so if something is not installed it's a CD /usr/ports and a make install clean away

What is in a name?

[manu0601]

What does OPN stands for?