FreeBSD-based firewall and routing platform with a web GUI, VPN, IDS/IPS, and high availability
- Stars4.5k
- Forks955
- Open Issues326
BSD-2-Clause
- PHP
- Volt
- Python
About OPNsense
OPNsense is an open source firewall and routing platform built on FreeBSD. It runs as a network appliance with a web interface and an API, giving home and business networks stateful packet filtering for IPv4 and IPv6 along with a live view of passed and blocked traffic.
Beyond filtering, it handles multi-WAN setups with load balancing and failover, and built-in VPN support for IPsec, OpenVPN, and WireGuard. Inline intrusion detection and prevention is provided through Suricata, and a captive portal, traffic shaping, and proxy features are included. Reporting covers RRD graphs and NetFlow analysis.
High availability is supported through CARP-based hardware failover with state synchronization. OPNsense is released under the 2-clause BSD license and is developed in the open with a large user community.
Key features
- Stateful IPv4 and IPv6 packet filtering
- Multi-WAN load balancing and failover
- IPsec, OpenVPN, and WireGuard VPN
- Suricata inline intrusion detection and prevention
- CARP hardware failover with state sync
Details
- First released
- 2014
- Base system
- FreeBSD
- Interface
- Web GUI and API
- VPN
- IPsec, OpenVPN, WireGuard
- High availability
- CARP failover with state sync
- License
- BSD-2-Clause