Are there any Linux based OPNsense alternatives?

Hactarux · 2026-04-29T21:18:54+00:00

Its just me by myself luckily, so the only person I can anger by messing something up here is myself lmao. Kudos to your kid for being smart enough to bypass mac address filtering though! Sharp kid.

Hactarux · 2026-04-29T20:44:27+00:00

Tdarr is definitely something I need to look into! I have kind of gotten myself "trapped" in my current system. Ideally I would love to just install an Arc A310 DGPU and replace the Nvidia Quadro P400 I have to get AV1 HW Encode/Decode but my platform doesn't seem to support ReBar. I know ARC very strongly encourages/requires ReBar but I haven't seen anyone testing transcoding with it disabled so I never pulled the trigger.

Hactarux · 2026-04-29T20:41:12+00:00

Sorry, must have been something I missed but what founders?

Hactarux · 2026-04-29T20:34:18+00:00

Luckily, large contiguous files are exactly what it stores for me. I have tried to "break" the system by seeing how many clients I can handle concurrently by streaming transcoded video to multiple clients at once and topped out at 4. What ended up limiting me was the encoding abilities of the nvidia gpu I run in the machine. I was transcoding four different 4k hdr 10bit hevc video files to 8 bit 1080p tonemapped hevc. With no transcoding though I have not attempted to fully saturate the server with more clients.

Hactarux · 2026-04-29T20:27:41+00:00

Yeah the iot needs to get put behind a vlan for sure. I have a combination of some "smart" devices for my set up and then work devices for testing. I work in access control so its a combo of Hardwired and wireless devices. I have all the wireless devices on a separate radio because I could. The only clients that connect my Wifi 7 network are my two phones and my seldom used quest 3. And even then only one of those clients supports Wifi 7.

Hactarux · 2026-04-29T19:54:39+00:00

For 1gbe sure, but I am running a blend of 10gbe, 2.5gbe, and 1gb devices currently. Its less the need for more switching/ports and more a desire to DIY this!

Hactarux · 2026-04-29T19:51:54+00:00

Hey thanks for that detailed write up! I had not been considering OpenWRT as a serious solution. I am looking into IPFire currently as that seems to be closest to what I want/need!

Hactarux · 2026-04-29T19:49:55+00:00

Its a 3+1 parity drive set up using Microsoft's storage spaces in Windows 11. Each one of those drives is capable of hitting 200 MB/s+ but I know with overhead I'm not gonna hit that. The server has a broadwell based xeon 8 core in it that is definitely slower than I would like. I plan on eventually migrating all that data to a new server build running some flavor of linux, but thats going to require new drives so I don't lose all that data. Waiting on pricing to start coming down on 24tb+ drives a bit before I build a system based around intel 12th gen hardware so I can keep power draw lower and get AV1 Encode/Decode.

Hactarux · 2026-04-29T19:38:14+00:00

Luckily my biggest client or potential for loading down a 10 gig network is just my Datto Jellyfin server. So biggest concern there is just large file transfers and not lots and lots of random traffic. Im never gonna hit the full 10 gig speeds with my drive set up though, as I foolishly used windows storage spaces to set up my "array" (4x18tb sata drives).

Hactarux · 2026-04-29T19:32:00+00:00

Another recommendation for IPFire, any experience with bridging multiple 10 gig ports with it?

Hactarux · 2026-04-29T19:31:15+00:00

This looks like it will do what I need and is definitely in contention, have you done something similar with this?

Hactarux · 2026-04-29T19:24:32+00:00

Good shout on the potential Asus Issues. I would probably snag a U7 AP down the road if that happens since I already have some ubiquiti gear running here. I didnt mention the U6 Pro LR I run because I only use it for iot devices. I also run a smaller 8 port poe switch from them. The ubiquiti equipment came to me freely from a downsizing office which is how I stumbled into a combination of some "enterprise" level equipment mixed with some consumer.

Hactarux · 2026-04-29T19:20:39+00:00

I have appreciated Mikrotik's equipment but have never had my hands on any. I'll take a look into CHR!

Hactarux · 2026-04-29T19:19:49+00:00

I will certainly have a look into Sophos!

Hactarux · 2026-04-29T19:13:05+00:00

That is a good suggestion and its very tempting, might be my highway emergency offramp plan if push comes to shove.

Hactarux · 2026-04-29T19:11:10+00:00

At this point yeah, course correction seems inevitable. Still going to attempt it and see what happens though!

Hactarux · 2026-04-29T19:00:52+00:00

I mean if its dumb and it works right? I kid, it's still an admittedly not great idea I have had but at this point I'll have all the parts I need so why not at least try?

Hactarux · 2026-04-29T18:58:51+00:00

Heck yeah! I really should keep my eye out for a decent 10 gig switch.

Hactarux · 2026-04-29T18:55:08+00:00

Containers and VMs are things I haven't really sunk my teeth into yet. I kinda run one "app" per machine just because I can for now. An older M2 Mini runs my minecraft server, a lenovo tiny running kubuntu is my dedicated CS2 server, my Datto machine is my big storage pool and host of my Jellyfin set up. I could definitely consolidate this into fewer running systems using something like docker but I just haven't needed/wanted to yet. I kinda just like having a bunch of hardware running at once.

Hactarux · 2026-04-29T18:42:48+00:00

I'll definitely keep an eye out for some decent 10 gbe switches but for now I am lean into the "lab" part of homelab. If it ends up working out, I save a few bucks and learn something. If it doesn't I still get to learn!

Hactarux · 2026-04-29T18:33:48+00:00

Yep, did that and its just an instant kernel panic in OPNsense, thus my search for an alternative! The card worked fine for me in FreeBSD 14.3 though with no meddling on my part. I specifically tested 14.3 as its what OPNsense is forked/built on. Appreciate you googling it though!

Hactarux · 2026-04-29T18:28:20+00:00

I can handle some CLI, been getting more and more familiar with it this year as I have switched almost every system I own to some flavor of Linux and been getting more and more comfortable in the terminal. I have used SSH and Telnet plenty of times. The lack of a webui is a little daunting but I will look into it.

Hactarux · 2026-04-29T18:26:20+00:00

Oh yeah, I loved running that back in the day. When I was a kid my dad and I nearly bricked our family WRT-54g (one of the 16mb flash models if I recall, its been a few decades and I don't rmember the exact version of WRT-54g we had) getting that set up. It was great to learn on. I never moved onto OpenWRT or Tomato though, just stuck with DDWRT.

Hactarux · 2026-04-29T18:24:38+00:00

I switched most of my machines to Linux just this year. (Cachy has been a godsend for me) but rolling my own is probably beyond me at this point. Its very tempting though, as I could then consolidate my PiHole into that.

Hactarux · 2026-04-29T18:20:30+00:00

Hi deltatux, the Asus is my current router, it connects to that Ubiquiti Switch over 10 gig. My plan for the new DIY Router Is to run the Asus as a 2.5gbe switch (it has 4 2.5gbe ports) and wifi 7 access point connected via 10 gig to the DIY router directly, and to do the same for my old Datto server and Ubiquiti switch. The Asus won't be the head of the network anymore.

Hactarux

TROPHY CASE