mastodon.ie is one of the many independent Mastodon servers you can use to participate in the fediverse.
Irish Mastodon - run from Ireland, we welcome all who respect the community rules and members.


#pfsense


It took the whole damn day, but I seem to have managed to get VLAN config via file and an uplink on port 22 with all #VLAN tagged working.

Next step: a trunk with two NICs, to connect the thing directly to the #pfSense. Then I can finally retire, without any interruption, the ancient and chronically overcrowded 24x #Switch that is still my main switch. Its demise is a sword of Damocles hanging over my home IT landscape, and I have been putting off resolving it for years. I'm not a network person, after all, and #JunOS isn't exactly intuitive.

The #Juniper 3400 is considerably younger and has significantly lower power consumption (#Stromverbrauch), despite having twice as many ports. After that the server landscape can keep growing, world domination (#Weltherrschaft) is near...

I've always been told that #OpenWRT was somewhat unprofessional, that it was just a bunch of duct-taped tools with a linux kernel in it, that I should rather use #opnsense / #pfsense for a more complete use case.
Now that I've got enough experience with both (several years of quite advanced use), I can say that I feel way more comfortable with OpenWRT.

Hi I'm 90s Script Kiddie, I grew up online. I do #devops and #automation code stuff for my job. My hobbies are #gamedev, #vintageelectronics, #gaming, #repair ing stuff to keep it out of the landfill, old #apple hardware, #linux admin (I run my own mail, web, media etc servers) #network admin especially #pfsense, I love #books, #anime, #manga - reading in general really. #music too! Jazz, alt-rock, pop, folk, chiptunes... I also enjoy #cooking and am trying to get better at it. Beliefs-wise I'm something of an anarchist, yearning for a #solarpunk future I'll probably never live in, but I do what I can to do #mutualaid for the people in my circle. If you're my friend, I will set up all your electronics for you, replace the battery in your phone, give you some free mail or web hosting... whatever! I try to limit my consumption of news media for my own sanity, but I love reading about what people are doing in their own words. That's why I love the Fediverse, and it's why I'm lurking around on #gopher

I don't have a lot of friends. I've always been kind of a loner, and a little awkward. Luckily, I love my own company and have no problem spending time alone. Those few in my circle are people who I think make the world better by being in it.

I'm a #queer #bi #enby and I don't really give a hoot about what pronouns you use for me. Actually, I sort of feel like however you labeled me I'd want to break out of that box somehow. I guess I'm pretty contrary.

New #introduction who dis.

Any #PFSense / #OPNsense wizards out there?

Anyone ever see it where one's WAN interface randomly decides to become a private IP instead of proper public one?

This is like the 3-4th time over 2-3 years and it's really getting on my nerves. Rare enough for me to not dig in and fix, but common enough to where -> this must never happen again.

Maybe fault of AT&T gear? But would love to have pfsense re-check for IP if it ends up with a 192 somehow for WAN interface.

Currently I’m using #pfsense CE. It hasn’t received an update since December 2023, and is still based on FreeBSD 14.0, which has been unsupported since October 2024. A release date for version 2.8 is not available yet, and I've lost hope that an update will be shipped anytime soon.

Now I’m considering migrating to #opnsense. I’ve played around a bit with it, but from a GUI point of view it feels not as clean and intuitive as pfSense does.

Has anyone migrated to OPNsense from pfSense yet? #firewall

@snow Maybe consider a provider that allows you to do #Blackholing?

  • In fact that is something #DECIX advocates for: Stopping #DDoS at the #IX level!

#Contabo for example allows you to book a dedicated, managed #pfSense #Firewall with their #dedicaded #Servers so you can just block entire ASNs aggressively.

I am trying to configure #pfsense #openvpn through alias instead of single CIDR notations, as soon as I make the changes, clients from the outside can't connect, even after restarting the openvpn server. But testing with a machine I have here through a mobile provider hotspot the new openvpn settings work. *scratches head* #sysadmin #IPV6 #ipv4

One for my fellow #FreeBSD and #OpenBSD users. I used to build my own simple firewalls using either OS until I ended up with dual upstream, non-aggregated connections and switched to #pfsense CE for that.

I would much rather prefer to go back to a regular artisanal firewall, but wasn't able to find any configuration examples for an ideally pf-based firewall setup that has the ability to handle routing traffic between two distinct upstream providers without using LAGG or a similar aggregation setup.

Does anyone have such a setup that they're willing to share, or should I just stick with pfSense or OPNSense?

By the way, I upgraded my two #pfSense CE firewalls in the datacenter to pfSense+.

Besides the #Proxmox Mail Gateway, that is the second open source product that I support with a subscription.

I would actually almost prefer to pay into a pot/fund and then say what I would like to see supported, and the fund then passes the money on proportionally.
But maybe that is the business model of OpenCollective after all... who knows...

I put my #pihole on the network; with a database of 8 million records it uses 105 MB of RAM, and compared to unbound it works simply instantly.

I also remembered ipset in linux, which lets you work with really large databases, and it does not slow the router down much.

Maybe someone knows a web management tool for linux that would handle:
- network interfaces
- routing
- firewall, port forwarding
- VPN
- snort - suricata
- dhcp
- dns

then maybe that #pfsense won't even be needed...

I was looking for a silver bullet for solving router tasks. Many foreign reviewers drew attention to #pfsense
And indeed, when reviewing its capabilities, the project looked very interesting.

I ran it as a virtual machine for tests.

After 2 months of experiments, to stabilize operation I disabled dnsbl, and then replaced Unbound with dnsmasq...
It was strange to watch the router freeze once an hour while the domain database was updating... And this affected the entire network stack.
The system required a lot of resources.

Anyone using #eufydoorbell and #pfsense? It is the only thing I can't get working. Video feeds are fine (across the local network or via mobile data), but changing settings only works 1 time in 10 and I don't get notifications anymore.

The only logged blocked packets at the time notifications should go out are TCP:S with a source on the internet and a destination of my WAN IP. All the sources are in the same /24. The port appears random. Unblocking them does not help. Wondering if they (the TCP:S packets) are a sign NAT is doing a dumb. I've opted out of CGNAT.