The pfSense Store

Author Topic: A hardy "Welcome!" to OPNsense!  (Read 9108 times)

0 Members and 2 Guests are viewing this topic.

Offline Mr. Jingles

  • Hero Member
  • *****
  • Posts: 881
  • Karma: +68/-9
    • View Profile
Re: A hardy "Welcome!" to OPNsense!
« Reply #90 on: Today at 12:34:04 am »
if you don't like pfsense just switch. 

This, plus: I've been taught to be grateful for what you get for free.

Staff over here has been rude from time to time, yes, but: they by no means have the monopoly on that (...). Everybody has his bad days from time to time, and some are better in hiding that than others. Soit (that's French  ;D ).

In the end what counts is: we get this for free, and should be grateful for that. I know I am. Perhaps I'm old species, being loyal and stuff  :P

Hardware1:Intel DQ77KB/Celeron G1610/8GB Corsair/WDC Hardware2 (backup):Dell R200/8GB/Xeon L3360/WDC Pfsense:2.2.1 X64/Snort Performance:CPU 10%/RAM 30% Broadband:VDSL 30/2 & Cable 30/2 OS:FreeBSD/W7/W8/Debian MIA - Most Important Assets WIFE and my Rottweilers.

Offline cmb

  • Administrator
  • Hero Member
  • *****
  • Posts: 8290
  • Karma: +329/-3
    • LinkedIn
    • Twitter
    • View Profile
    • Chris Buechler
Re: A hardy "Welcome!" to OPNsense!
« Reply #91 on: Today at 02:56:46 am »
I see code posted on github by opnsense dev's and copied into pfsense few days later ...

That's the point of open source where they're actually doing worthwhile things. That's only been a handful of commits. If they kept up with our commits, they'd be in a whole lot better shape. They're still missing security fixes we made months ago that are published here:

and no doubt a significant number of bug fixes (they forked from 2.2 beta, and didn't keep up from beta to release, much less since). The security update list is small and easy to keep up with if you're paying attention. The bug fixes, much harder to deal with since it's a long list.

Whats really the issue here, is pfsense is opensource and it has been forked. Result is that pfsense is nothing but a trademark and a name. Its not a product since you can get similar performance

Similar performance is definitely not true. With the "stable" releases they've put out that completely broke very widely-used features (VLANs, others), we'd have pages and pages of threads of broken things within hours.

No one's perfect there, but we do vast amounts of release testing, and we add more and more testing with every release. We have a significant IPsec test environment already, but I'm working this week and weekend on expanding that out, fully automated, to check all possible combinations of options. They don't have the kind of infrastructure or man power to come close to us in release testing.

Pfsense is nothing without the people that use their sparetime to develop and maintain packages for this OS project and we can all see that many of the original "nice" guys have gone and is never heard of again in here.

You really haven't followed commit logs in a very long time. There are still several active package maintainers, and no recent losses I can think of. Many submit pull requests across all the repos. Outside contributors come and go all the time.  It's how open source works with community contributors. Name one significant package contributor that's been active in the past 3 years who isn't currently active.

Around 90% of the total commits to our code base all time come from people we employ or employed at the time. The first ~3 years this was just a collection of volunteer efforts (and things were much simpler and less featureful). The past 8 years, the significant majority of the work has come from people on our payroll.

Getting stuck with PBIs for longer than we'd like (and the associated issues with FreeBSD 10.x) has discouraged some of the package maintainers. In 2.3, we'll be back to a sane state there, and I expect some of them who went inactive because of those issues will return.

Opnsense will succeed in what they want to achieve.

They don't have the resources. Franco spouts big words and things that might sound smart if you don't understand them in adequate depth, but it's enough to make us shake our heads at times. He's a capable developer in some regards for sure, but...

I go out of my way to try to be nice, pointing out the root of their file corruption problem which we're triple digit man hours into across a handful of people. They went off and implemented an awful hack, to copy new files into place if the old ones are corrupt, and threw in a "sync;sync;sync;" which has no impact on the root problem if you're testing for it correctly. Within just a few hours of him posting to their forum that the issue is "not fixable", one of our developers committed the fix for said "not fixable" issue to FreeBSD, after verifying across hundreds of power cycles in a circumstance that wouldn't last 5 without sync before that fix, with sign-off from every big name developer in that area of FreeBSD.

They might succeed to some degree, if they can keep up with what we're doing (all the heavy lifting). But even when we go tell them the problem, they don't actually fix it.

That ^ is a good example of what I mean by in over their heads. One more here.

And its bloody simple to update since it has been stripped of all the weird things that breaks things all the time in pfsense.

I don't see any technical validity to that claim. What "weird things", outside of PBIs which we've ditched already in 2.3 (and they haven't replaced), have they removed? I've seen a lot of what they've removed. A majority of that is NIH syndrome, and wasted effort on what is ultimately a dead end code base (all the PHP needs to die). A lot of their changes were wasted effort in reinventing the wheel on a dead-end code base.

When the bacis packages are available then its goodbye to pfsense. Not because I dont like it, but because of the hostility of ESF. Its not a friendly place to be anymore.

I'd never exhibited any hostility towards you until you started acting like an ass. At some point you reap what you sow, and my interactions with you end up being mostly defending us from you screaming the sky is falling and everything is shit when there is no actual problem. You're kissing their asses over there, should get a good reception. AFAIK you've never had anything but a good reception here until you started making wild, defamatory false or misleading statements. And I still reply back helpfully to other threads of yours.

I can't think of any instance where we've exhibited any hostility towards anyone who didn't bring it upon themselves, and even that is unusual.