A hardy "Welcome!" to OPNsense!



  • Someone else has forked pfSense.

    http://opnsense.org/

    Let me be perfectly clear: we welcome Jos, Franco and the crew.  Good job, lads.



  • Fancy orange GUI.

    Gonzo, can I change my nick?

    ( ;D )



  • @Hollander:

    Fancy orange GUI.

    Gonzo, can I change my nick?

    ( ;D )

    To what?



  • @gonzopancho:

    @Hollander:

    Fancy orange GUI.

    Gonzo, can I change my nick?

    ( ;D )

    To what?

    Well, wanting to taking a certain distinguished distance from my current nick, 'Hollander', given the above, Mr. Jingles or M-Venezuela (most beautiful women on earth, there  :P ) would be first best alternative, I think  ;D



  • The profile for Mr. Jingles has been updated successfully.    8) 8)



  • @gonzopancho:

    The profile for Mr. Jingles has been updated successfully.    8) 8)

    Thank you Sir  ;D




  • thanks +1 from me.

    Had a good laugh (non-denigrating, but funny nevertheless. ).
    My neighbors never ceases to amaze me… ;D

    That orange is pretty surprising though, not sure where that inspiration comes from  :o



  • @bennyc:

    That orange is pretty surprising though, not sure where that inspiration comes from  :o

    Musenki was orange, but that was so 2001/2002.  http://archive.linuxgizmos.com/a-sneak-preview-of-musenkis-new-wireless-access-point-a/

    Maybe orange is the new black?



  • Hope they don't fork it up….



  • @kejianshi:

    Hope they don't fork it up….

    pfSense is a nearly decade old fork of m0n0wall.  pfSense forked because m0n0wall and pfSense had different goals.
    http://doc.m0n0.ch/handbook/faq-goals.html

    pfSense wanted to take advantage of larger hardware:
    https://doc.pfsense.org/index.php/Why_did_pfSense_fork_from_m0n0wall

    It's pretty obvious that OPNsense forked because they're pissed about the license agreement.  I don't know that being pissed will be enough to sustain the level of effort required to keep a fork 'great'.  In the end, it doesn't matter. If they make things better, we're sure to take a look at what they're doing.

    Funny thing is, the only thing the license agreement prevents is that a fork is called "pfSense".  Similar to Fight Club's, "if this is your first night at Fight Club, you HAVE to fight", this is open source, forking is allowed.

    Hmm, anyone for "Fork Club"?

    • The first rule of Fork Club is that you do not talk about Fork Club.

    • No shirts, no shoes.



  • Sounds political - I just hope that the efforts don't become divided and turn 1 great project into several mediocre projects. 
    Thats all.



  • @bennyc:

    thanks +1 from me.

    Had a good laugh (non-denigrating, but funny nevertheless. ).
    My neighbors never ceases to amaze me… ;D

    That orange is pretty surprising though, not sure where that inspiration comes from  :o

    I'm getting old, I no longer immediately recognize cynical messages  ;D

    Orange probably comes from "Het huis van Oranje" ('the house of orange', brrrr, stupid translation), which is how the royal family over here is referred to (after Willem van Oranje, who is supposed to have founded this monarchy in The Netherlands). Hence the soccer players with orange shirts. So, orange = Netherlands.



  • @Mr Jingles

    Orange probably comes from "Het huis van Oranje" ('the house of orange', brrrr, stupid translation), which is how the royal family over here is referred to (after Willem van Oranje, who is supposed to have founded this monarchy in The Netherlands). Hence the soccer players with orange shirts. So, orange = Netherlands.

    lessen aan het nemen bij Van Gaal ofzo ? (the death or the gladioli  / The three points are inside / It's again the same song )



  • @heper:

    @Mr Jingles

    Orange probably comes from "Het huis van Oranje" ('the house of orange', brrrr, stupid translation), which is how the royal family over here is referred to (after Willem van Oranje, who is supposed to have founded this monarchy in The Netherlands). Hence the soccer players with orange shirts. So, orange = Netherlands.

    lessen aan het nemen bij Van Gaal ofzo ? (the death or the gladioli  / The three points are inside / It's again the same song )

    ;D ;D ;D ;D ;D

    You know the Dutch government keeps on insisting that the educational systems in The Netherlands are among the best in the universe  :P

    "Nederland kennisland" (to do a Van Gaal translation: Netherlands knowledge land).

    Well they were good some 20 years ago, but since then they too were swallowed by the famous (global) college bubble.



  • I thought the USA was best in the world at thinking it was best in the world…



  • @kejianshi:

    I thought the USA was best in the world at thinking it was best in the world…

    New York comes from New Amsterdam (stupid deal The Dutch made with the British who obviously were way smarter; The Dutch swapped Manhattan for a bunch of banana trees in the Caribbean. The Empire  came, saw, said 'cool, you take the bananas, gives us New Amsterdam, all we have to do is swap the name: from Amsterdam to York'  ;D ).

    Harlem = Haarlem, a place in The Netherlands.

    More here: https://en.wikipedia.org/wiki/List_of_place_names_of_Dutch_origin

    Of course, that's all the work of our Forefathers.

    Who roll in their graves seeing what this once great country they built has been r*ped into.

    Did you know the world famous red light district in Amsterdam has been shutdown? Coffee shops have been brought under a fascistic regime?

    And next the socialistic idiots are surprised to see these hundreds of Boeings full of tourists don't touch down anymore in Amsterdam.

    They had sincerely predicted all these tourists would keep on coming; if not for the joints, hookers and 'live and let live' atmosphere in Amsterdam, then at any time to visit the 'Rijksmuseum', where you can look at boring paintings of undertalented painters. Paying premium entrance prices on your way in, and getting robbed by the illegal street scum on your way out. Whom police officers are not allowed to give the proper treatment, and whom 'judges' let walk freely.

    Sorry, I'm drifting off  ;D



  • Yeah - Hookers, drugs and alcohol have probably never hurt tourism anywhere.

    Me - I'm staying in the Philippines for now.  There is none of that here.

    Anyway - Hope all this forking doesn't hurt pfsense.


  • Banned

    HAHAHAHAHAHAHAHAHHA :D

    @kejianshi:

    Yeah - Hookers, drugs and alcohol have probably never hurt tourism anywhere.

    Me - I'm staying in the Philippines for now.  There is none of that here.

    Anyway - Hope all this forking doesn't hurt pfsense.



  • Ok - You got me…  Its everywhere.  haha.  :P



  • @kejianshi:

    Me - I'm staying in the Philippines for now.  There is none of that here.

    ;D ;D ;D ;D ;D

    Are you from the Philippines, or an expat living there?



  • @kejianshi:

    I thought the USA was best in the world at thinking it was best in the world…

    Indeed, we are.

    We're #1!



  • ok i'm installing this in a virtual server. GG WP well done.

    Congrats.



  • This's nice but can't we add packages from Menu like in PfSense?  :'(



  • @kejianshi:

    Sounds political - I just hope that the efforts don't become divided and turn 1 great project into several mediocre projects. 
    Thats all.

    How would what they do impact what we do?



  • It wouldn't UNLESS those are people who left the project.  I'm not in the know about who all the "main" people are for pfsense.



  • @kejianshi:

    It wouldn't UNLESS those are people who left the project.  I'm not in the know about who all the "main" people are for pfsense.

    Nobody left the project.



  • Cool - Well, maybe they will do something good and you guys can accidentally have all the same ideas…  Simultaneously (-:



  • No need for accidents.  If they have good ideas, we'll look at adopting them.


  • Netgate Administrator

    Do we know what pfSense version the fork was from?

    As I read that I was thinking 'pretty sure applianceshop might object to the name…... oh wait'.  ;)

    Generally speaking choice is a good thing. I look forward to seeing how this pans out.  :)

    Steve



  • @stephenw10:

    Do we know what pfSense version the fork was from?

    a pfSense 2.2 beta from October.
    https://github.com/opnsense/core/blob/14.12/etc/version

    The OPNsense team immediately moved back to 10.0 (not 10-STABLE):
    https://github.com/opnsense/tools/commit/f4f556a2e12e2217ebd84529f64a35db84d2e427

    BTW, pfSense 2.2-RC1 was released Dec 10 (deliberately after 10.1-RELEASE).
    https://blog.pfsense.org/?p=1506

    The OPNsense team have also been overly enthusiastic about stripping off Copyright.  If that's who they want to be, I'm going to
    let it stand (for now.) As my grandfather said, "Character is destiny."  In one particular instance, they've repaired things, (likely because Scott Ullrich complained, but I don't know.)

    https://github.com/opnsense/tools/commit/b0079b541421194f9acd9199c7061335af1f3672

    @stephenw10:

    As I read that I was thinking 'pretty sure applianceshop might object to the name…... oh wait'.  ;)

    No, but Jos did threaten the pfSense trademark registration in Europe.  "Character is destiny."

    @stephenw10:

    Generally speaking choice is a good thing. I look forward to seeing how this pans out.  :)

    Yes, I saw that you recently joined as a member of their forum.


  • Netgate Administrator

    Yep. Mostly because when I first tried pfSense many years ago after reading about it on Slashdot (1.0?). I read some threads on the forum and nearly registered but didn't and regretted it ever since.  ::)

    Steve



  • The UI Looks very flashy and modern.



  • Indeed, the GUI is nice.

    They left i386 builds out of the initial release.
    They removed the ability to set static routes out of their initial release, too.

    They removed AES-GCM (and with it, support for any real speed-up due to AES-NI), and it's not scheduled to come back until release 15.7.

    https://github.com/opnsense/core/issues/11

    But the GUI is nice. ;)



  • I'm waiting for the people who use that to join this forum to ask for how it actually works, and ask for help fixing problems and bugs.

    Of course, lots of confusion and messy threads because it won't be clear it's not pfSense.



  • And they put out their second "stable" release with strongswan 5.2.2, which seriously broke some things in IPsec. It was an upgrade that needed to happen since it has a security-related fix (DoS), but it also broke rekeying to the extent a majority of systems using IPsec would have outage-inducing issues after somewhere between a few hours to a few days. Testing, anyone? We slipped a week on 2.2 release in getting those problems debugged and resolved. We pretty quickly determined there were issues, because we test things (plus have help from everyone here in doing so).

    Again, easy to push out releases if you don't care or are oblivious to whether things actually work.

    https://twitter.com/gonzopancho/status/554645970172923904

    They've got a lot to learn.



  • @cmb:

    https://twitter.com/gonzopancho/status/554645970172923904

    Nice tweet; it took me 15 months to get decent coffee out of this (pic)  ;D




  • @cmb:

    And they put out their second "stable" release with strongswan 5.2.2, which seriously broke some things in IPsec. It was an upgrade that needed to happen since it has a security-related fix (DoS), but it also broke rekeying to the extent a majority of systems using IPsec would have outage-inducing issues after somewhere between a few hours to a few days. Testing, anyone? We slipped a week on 2.2 release in getting those problems debugged and resolved. We pretty quickly determined there were issues, because we test things (plus have help from everyone here in doing so).

    Again, easy to push out releases if you don't care or are oblivious to whether things actually work.

    https://twitter.com/gonzopancho/status/554645970172923904

    They've got a lot to learn.

    The tweet itself is spot on too, btw.


  • Netgate Administrator

    @hongkonger:

    The UI Looks very flashy and modern.

    I haven't managed to actually boot it on anything yet so I can't comment on that directly but…..
    Whilst I agree that the pfSense webgui could be improved it's something that's pretty much at the bottom of any list of improvements I might make. I realise that having a shiny interface can in some circumstances help to sell a product but I seem to be increasingly running into interfaces/sites that have been 'polished' because someone felt they had to to keep up with rest at the expense of usability. I've commented on this before and encountered far more hostility than I expected so perhaps I'm in the minority here. I'm very firmly in the function over form camp.

    Steve



  • @stephenw10:

    so perhaps I'm in the minority here.

    Plato once said something about minorities  ;D

    I'm in your camp too; this is a server, it needs to be robust as a server, it doesn't need a fancy GUI. Sure, if you are swimming in money like Apple does you can pimp whatever you want, and yes, a fancy GUI is nice, but it's not top priority: where does the dollar invested get the highest return? I'd rather have The Company invest in the stable server functions with an 'old' GUI, than in a fancy GUI yet a buggy, unstable, crashing, server.



  • Could be worse.  Cisco seems to think having a GUI at all, of any quality or usability is "fancy".
    And yet people use the crap out of their hardware.


Log in to reply