More shady stuff from pfsense

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
zer0sum

zer0sum

Well-Known Member
Mar 8, 2013
850
475
63
ketiljo said:
I'm seriously considering switching to Opnsense now but I need an alternative to pfblockerNG. Any suggestions?
Click to expand...
It's really easy to setup functionality similar or better than pfblockerNG. Which features are you using exactly?

For DNS list blocking you can just use unbound, or even better install the Adguard package

For IP list based blocking you use URL table alias

If it's GeoIP blocking you can do it with simple IP aliases as well

Laid out pretty clearly here -

www.comparitech.com

How to reproduce pfBlockerNG functionality in OPNsense

This post guides you through all the steps to reproduce pfBlockerNG functionality in OPNsense. Read it here.
www.comparitech.com www.comparitech.com
.
 
Last edited:
  • Like
Reactions: cageek, ms264556, custom90gt and 2 others
S

sic0048

Active Member
Dec 24, 2018
127
106
43
I had requested and obtained a non-commercial free license from Netgate, but never actually went through the conversion process to move off the CE version. Now I have lost the ability to do that, even though I have a license. Making this change overnight without any warning is a pretty crappy thing to do.

I actually have a new firewall appliance and new switches that I was running in a test environment with OPNsense. I was planning on making wholesale changes to the way I handled my network. To be honest however, I found the OPNsense GUI a little hard to navigate simply because I was used to pfSense's GUI. I had turned the test bed off and hadn't messed with it in a couple of months. I guess it is time to fire it back up with the goal of switching it out ASAP.
 
D

das1996

Member
Sep 4, 2018
75
17
8
sic0048 said:
I had requested and obtained a non-commercial free license from Netgate, but never actually went through the conversion process to move off the CE version. Now I have lost the ability to do that, even though I have a license. Making this change overnight without any warning is a pretty crappy thing to do.

I actually have a new firewall appliance and new switches that I was running in a test environment with OPNsense. I was planning on making wholesale changes to the way I handled my network. To be honest however, I found the OPNsense GUI a little hard to navigate simply because I was used to pfSense's GUI. I had turned the test bed off and hadn't messed with it in a couple of months. I guess it is time to fire it back up with the goal of switching it out ASAP.
Click to expand...
If you have a valid token, it will still convert 2.70CE to plus as of this evening. Who know what will happen in the future though. That's the really concerning part.
 
S

sic0048

Active Member
Dec 24, 2018
127
106
43
Yeah, I re-read the official announcement from Netgate and I see zero reason to try to convert from CE to the old tac-lite system. They said in the announcement that future updates/upgrades MAY be slow in coming under the now defunct license. If they are willing to admit that in the official announcement, it pretty much guarantees the fact that they won't be updating it very often. Companies always try to paint a rosy picture and if "may" is the best they can paint the situation, it is pretty bad.
 
9

986box

Active Member
Oct 14, 2017
234
42
28
44
Had been using pfsense since 2.0. Still running on CE edition. When plus was released, I doubt it will be forever be free. No one with biz sense will offer free product without some return.

Anyone converted to Plus, should plan for the day when it is no longer free.

folks running Netgate are just bad at running a biz.
 
  • Like
Reactions: Vesalius, mach3.2 and T_Minus
Prophes0r

Prophes0r

New Member
Sep 23, 2023
28
18
3
East Coast, USA
gb00s said:
Why is this shady behavior? Just because users want everything for zero doesn't mean businesses need to follow...
Click to expand...
  1. They pressured their non-corporate clients away from the community edition with the promise of free licenses, then rug-pulled the 'free'.
  2. The very idea that 'free' means a company doesn't make money off something is some stupid C-suite crap. "Free" stuff that co-exists in a paid ecosystem STILL provides value to everyone.
    1. The user pays less/nothing.
    2. The paid users get a larger community, which means more users getting eyes on things.
    3. More people pointing out security, UX, compatibility, and other problems.
    4. More tutorials, exposure, and forum/QA/reddit answers to common problems.
    5. And the COMPANY gets more users with experience and familiarity with their flavor of equipment. One of the (many) reasons to have a HomeLab is to demo/learn stuff. If I'm familiar with Cisco, Brocade, Mellanox, or other equipment because I run it at home I'm DAMN SURE going to push for the same equipment I'm familiar with at work if I have the choice.
The same arguments apply to pretty much ALL free+paid ecosystems from club activities to f2p MMOs.
'Free' can still provide SUBSTANTIAL value.
 
  • Like
Reactions: fohdeesha, Datamonkeh, SlowmoDK and 1 other person
R

Reider

New Member
May 2, 2021
9
1
3
nkw said:
Opinions on alternatives to pfSense?

I guess OPNsense if one wants to stay with *BSD, for Linux alternatives maybe VyOS or RouterOS?
Click to expand...
I've had a look at VyOS and been playing around with it for a few days.

It gives off a clean appeal without all the moving parts of a webgui - I like it. It seems more polished and well maintained than both PFSense and OPNSense. However it's a bit of an uphill battle learning a CLI while trying to build out a stable router for the family.

I bet it's rock solid once it's up and running. But I'm worried that something will happen, I'll know how to fix it, but end up using hours trying to find the correct CLI syntax to get the job done. We also use uPNP (with ACL) in the house for the XBOX, but VyOS doesn't have a stable imlpementation as far as I can tell.

So I'm just not sure if it's a suitable product for a home environment.

I've also looked at Arista NG Firewall (Untangle), but it it's full of stuff I'd never use which I think increases complexity (AV, Phishing module, SSL inspection +++).

VyOS fits the bill and looks perfect, but like I mentioned above, I'm not sure if it's a good choice for a home environment (Although I'm still working on it).
 
Last edited:
B

blunden

Active Member
Nov 29, 2019
488
153
43
Reider said:
I've had a look at VyOS and been playing around with it for a few days.

It gives off a clean appeal without all the moving parts of a webgui - I like it. It seems more polished and well maintained than both PFSense and OPNSense. However it's a bit of an uphill battle learning a CLI while trying to build out a stable router for the family.

I bet it's rock solid once it's up and running. But I'm worried that something will happen, I'll know how to fix it, but end up using hours trying to find the correct CLI syntax to get the job done. We also use uPNP (with ACL) in the house for the XBOX, but VyOS doesn't have a stable imlpementation as far as I can tell.

So I'm just not sure if it's a suitable product for a home environment.

I've also looked at Arista NG Firewall (Untangle), but it it's full of stuff I'd never use which I think increases complexity (AV, Phishing module, SSL inspection +++).

VyOS fits the bill and looks perfect, but like I mentioned above, I'm not sure if it's a good choice for a home environment (Although I'm still working on it).
Click to expand...
The VyOS team is working on a Web UI too actually, but a lot of functionality will likely remain CLI only for quite a while.

They are also working on implementing the option of using VPP as the dataplane. Once finished, that should provide a massive performance improvement for users with compatible hardware. Basically, it may compete with Netgate's TNSR in terms of performance, although it probably won't have Intel QAT support.
 
  • Like
Reactions: Reider
R

RyC

Active Member
Oct 17, 2013
359
88
28
They’re ”bringing back” TAC Lite for $129 a year: Coming Soon: Netgate pfSense Plus TAC Lite Available for $129/year

If you don’t buy TAC Lite for your existing Home/Lab pfSense Plus installation, it will not receive future updates.

Personally I don’t want to pay $129 a year for my home network when I don’t really use any pfSense Plus features, and given the choice between pfSense CE and OPNSense, OPNSense seems good enough for home use at this point. I’m not doing anything crazy networking wise.
 
  • Like
Reactions: mach3.2
M

mach3.2

Active Member
Feb 7, 2022
132
87
28
RyC said:
They’re ”bringing back” TAC Lite for $129 a year: Coming Soon: Netgate pfSense Plus TAC Lite Available for $129/year

If you don’t buy TAC Lite for your existing Home/Lab pfSense Plus installation, it will not receive future updates.

Personally I don’t want to pay $129 a year for my home network when I don’t really use any pfSense Plus features, and given the choice between pfSense CE and OPNSense, OPNSense seems good enough for home use at this point. I’m not doing anything crazy networking wise.
Click to expand...
I'd say Mikrotik's CHR licensing model is more platable for most people.
Although some might still find the unlimited license to be a bit pricy, but at least it's perpetual, so buy once cry once.

$129/year is a really tough sell when you look at lab licenses like VMUG that goes for $200/year, and is occasionally discounted.
I think most can agree VMUG brings way more value with it than say pfsense.
 
  • Like
Reactions: marcoi and T_Minus
You must log in or register to reply here.
Top Bottom