Replacing pfSense with FreeBSD

B

balanga

I have been running pfSense on my router for several years and it has been doing its job pretty well, but I'm finding I need to get behind the GUI and get my hands dirty just using FreeBSD. Initially I want to switch off the DHCP function in pfSense and use DHCP on FreeBSD. The problem is, if I disable the DHCP server in pfSense I also need to disable the resolver, and if I do that I can't access the Internet, so the question is how do I enable the same function in FreeBSD? Apologies if this is a newbie type question, but I feel like a Windows user who has been dumped at the command prompt.

And if anyone says that I am looking for help with pfSense just because I've mentioned it, then that is clearly not the case, it's a question about setting up FreeBSD. I still want to use pfSense as my gateway to the Internet, but want to hive off some of the functions which it currently provides.
 
balanga said:
The problem is, if I disable the DHCP server in pfSense I also need to disable the resolver, and if I do that I can't access the Internet, so the question is how do I enable the same function in FreeBSD?
Click to expand...
Neither services are provided by a "bare" FreeBSD. So, check whatever pfSense is using and install it on FreeBSD too.
 
There are a few ways to accomplish this. One way is to keep pfSense as your firewall. To do this you want a transparent filter bridge.
support.adamnet.works

Running on a Transparent pfSense Bridge

This article will show you how to setup pfSense as a transparent bridge, and installing adam:ONE (DNSthingy) to filter all traffic. Configure pfSense in Bridge Mode Disable NAT Enable Packet Filter for Bridge Interface Find the setting called net.link.bridge.pfil_bridge and set the...
support.adamnet.works support.adamnet.works

Transparent Filtering Bridge — OPNsense documentation

docs.opnsense.org docs.opnsense.org
This will require a second box behind your firewall to do resolving and routing.
You could even install Suricata on this box for additional filtering.

The other approach is to use FreeBSD only and learn pf or IPFW.
The resolving and gateway/routing is simple. Learning firewalling is more challenging.
 
You must log in or register to reply here.
Back
Top