Creating an opensource firewall solution
Today I decided to create my own opensource firewall solution. Why reinvent the wheel when there is OPNsense and linux base solution? Short answer is I want it fully opensource forever. Long answer is, pfSense got so commercialized that they even stopped releasing community versions openly. OPNsense on the otherhand is fully open but there is still a commercial backing which I think in the future will become like pfsense. Linux solutions exist also but I am more comfortable with OpenBSD.
Below are the components of a network security solution
| Component | Selected | Reason |
|---|---|---|
| Platform | OpenBSD | Read this |
| Web Front | HTML/CSS/JS only | Too much drama on js frameworks |
| Web API | Golang native net/http | I like golang nowadays, I used to build my projects based on Python/Perl/Js before |
| System Tools | Shell scripts | OS itself already has the tools |
Core Milestone
Web UI/API
- Config Manager - Interface | Host | Tunables | Logging
- Firewall Manager - Firewall Rules | Alias | Tables | Traffic Shaping | QoS | Rate Limit
- Service Manager - DHCP v4/v6 | slaac | rDNS | VPN | ISP
- Status Manager - Traffic Graphs | Interfaces | Gateways | Logs
- Utils Manager - Traceroute | Ping | Shell
- Plugin Manager - For future features
Build Tools
- OS build manager
- Install Manager
Github CI/CD pipeline
