Second OPNsense. pfSense also is maintained by some pretty shitty individuals.
Comment on What are some self hosted services that you think are essential?
CarbonatedPastaSauce@lemmy.world 3 days ago
The only one I haven’t seen mentioned here that is a requirement for me is OPNsense. I’ve been using it for a couple years, and pfSense before that for a very long time. Never going back to commercial routers and their shitty / buggy / backdoored software. I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.
On my network it handles internet firewall, internal firewall, and all routing across 5 VLANs and between two internet gateways. It does 1-1 NAT for my public IPs, inbound VPN, outbound VPN for my *arr stack, and RDNS blocklists with the data source being a script I wrote that merges from several sources and deduplicates the list. It is my internal certificate authority (I don’t miss you at all, Windows CA), DHCP for the guest wifi, and does pihole-like ad blocking via DNS for my entire network. And it does all that running in a VM with 2GB of RAM, of which it only uses about 60% on my install.
It is an incredibly powerful tool, not terribly difficult to learn, has a pretty damn good UI for FOSS, and in my opinion is a fantastic foundation for a complex home network / homelab. Unlike pfSense, which corrupted itself twice over the years I ran it, it has never let me down. And every update has been painless over the years.
coronach@lemmy.sdf.org 3 days ago
CarbonatedPastaSauce@lemmy.world 3 days ago
Yeah I hinted at it but didn’t feel like going into it. It’s why I switched though, and happily I found OPNsense to just be better anyway.
Shimitar@feddit.it 2 days ago
Went to try pfSense. Need to register to their shop to buy a free download link.
Then during installation it won’t install unless it can phone home and report.
OpnSense all the way.
CarbonatedPastaSauce@lemmy.world 2 days ago
That’s new, it didn’t used to do that back in the days when I used it but that was a couple years ago. Sounds like it’s just getting worse.
mike_wooskey@lemmy.thewooskeys.com 3 days ago
I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.
Can you list or summarize some of the other reasons?
CarbonatedPastaSauce@lemmy.world 3 days ago
Eh, I’ve forgotten a lot of the details and it’s drama that I don’t care to relearn about. Easy to find online with some basic searching if you want to read about it.
AtariDump@lemmy.world 1 day ago
mike_wooskey@lemmy.thewooskeys.com 1 day ago
Thanks for that info, @AtariDump@lemmy.world
witx@lemmy.sdf.org 3 days ago
How many NICs do you have on you opnsense machine?
CarbonatedPastaSauce@lemmy.world 3 days ago
It’s a VM so technically none I guess, but my hypervisor hosts have a 4 port gigabit card and a 10 gig fiber card, plus another gigabit port on the motherboard.
OPNsense is using 6 interfaces, 2 WAN and 4 LAN, but it’s all virtualized.
militaryintelligence@lemmy.world 3 days ago
I understood some of those words. It make network go?
CarbonatedPastaSauce@lemmy.world 3 days ago
It make network go very good.