Difference between pfSense and OpenWrt

Naftali · August 31, 2020, 5:27am

Hi

What is the difference between pfSense and OpenWRT? Expect one is based on BSD and the other on Linux?

psherman · August 31, 2020, 2:19pm

BSD is a specific distribution of Unix (Berkeley Software Distribution). It is subject to the BSD license which has certain restrictions and implications for various types of projects.

Linux is extremely similar but basically operates with a different licensing scheme called GNU. In most cases, the functional layers and syntax of the environments are nearly identical, but the underlying code was written to be truly open source.

What’s the difference?

It is like the difference between an early IBM PC and the Compaq (and soon other) clones that came out to compete with IBM.

Now, pfsense is actually intended to run in general purpose computer hardware (essentially desktop computer grade) with relatively large amounts of storage, RAM, and processor power. OpenWrt can run on that same hardware, but is optimized to run on small embedded devices like consumer routers.

castillofrancodamian · August 31, 2020, 8:33pm

Where did you take that image capture?

castillofrancodamian · August 31, 2020, 8:37pm

Could OpenWrt ever become a suitable platform for x86?

vgaetera · August 31, 2020, 8:50pm

It depends on your tasks.
Yes, you can already use OpenWrt to manage networking, firewalling and the like.
But, general-purpose Linux distros are more suitable in other ways.
It's unlikely to change in the near future.

M10 · August 31, 2020, 8:52pm

not main target but works quite good, personaly moved to pfsense for main utm , openwrt on ap, i'm happy
with this setup

castillofrancodamian · August 31, 2020, 8:53pm

I mean if OpenWrt can at some point be adapted as pfSense and take advantage of all the resources of the PC as they say in this forum about that OS.

vgaetera · August 31, 2020, 9:00pm

OpenWrt can use as much resources as required by the running services.
There's no need to use more if your tasks do not require it.

M10 · August 31, 2020, 9:01pm

i use custom firewall rules, opendns, vlan and suricata ids - the last one saw somene try to run on openwrt but can't find it now, on pfsense/opnsense this can be configured by 15minutes by gui and works like a charm , and for me pfsense have pretty webgui with dark mode

tapper · August 31, 2020, 9:27pm

PFSense is not as good as OpenSense. OpenSense seems to have more up to date packages.

diizzy · August 31, 2020, 11:27pm

M10 · September 1, 2020, 7:38am

maybe opensense have more packages like working wireguard and often came updates but in my case i like this pfsense webgui but there is also difference in performance between *sense and openwrt like with openwrt is more than twice time faster on the same hw. there is one more world worth of try - sophos xg utm with free home license have lots of worth features and can recomend for try it .

poodad · September 2, 2020, 3:08pm

OpenWRT will probably never be as popular as pfsense or OPNsense on x86 because pfsense/OPNSense has considerably greater capabilities than OpenWRT.

One thing OpenWRT on x86 has going for it is that being linux based, it has far greater hardware support than pfsense/OPNSense's FreeBSD. So if you have obscure NICs or wifi hardware that aren't supported in FreeBSD, OpenWRT would be option.

Another area where OpenWRT beats pfsense/OPNSense is LTE modems. FreeBSD doesn't have MBIM or QMI, so the only option for LTE connectivity in pfsense/OPNSense is PPP which limits performance pretty severely (something like 30mb/sec, IIRC).

BTW, OPNSense is a fork of pfsense. OPENSense was forked when pfsense switched to a different framework for the management web interface. Also, OPNSense targets very frequent updates with the idea that frequent updates mean better security. Pfsense updates very infrequently with the idea that less frequent updates and more testing means better stability.

I'll try not to start an ideology war here, but the pfsense developers started engaging in some decidedly unseemly and un-open-source behavior after OPNSense forked. Many people won't touch pfsense with a ten foot pole because of the behavior of the maintainers.

anon50098793 · September 2, 2020, 3:29pm

totally different animals...

one is total gw... the other embedded multitool ( yes x64/86 gw is a key one of those tools ) ... pro's and con's in each...

out of interest... what are the two top Linux based competitors to pfSense these days... used to be smoothwall and... maybe monowall for limited... smb-something or other for more 'corporate' use...???

poodad · September 2, 2020, 4:44pm

There's no real linux based competitor to pfsense. Monowall was what became pfsense. Smoothwall is commercial. There's still a (well hidden) GPL version called Smoothwall Express, but it has not been updated since 2014.

Sophos has not one, but two full-featured linux based next-generation firewalls. They both are free for home use.

Untangle is linux based, but is commercial. I think they still have a free crippled home version.

Really, OpenWRT is the only linux based fully open-source alternative to pfsense/OPNsense.

anon50098793 · September 2, 2020, 4:49pm

wow... hard to believe... yup... that's when I moved away from most of those distro's ... circa 2010ish when they all seemed to start forking 'full commercial' editions...

smoothwall was very cool... my first home router used a 433-ish pentium over dialup running on smoothwall, dansguardian, transparentproxy... those were the days!

BillyBlaze · September 2, 2020, 5:34pm

I'm not sure that is entirely correct. What about ipfire?
https://www.ipfire.org/

poodad · September 2, 2020, 6:45pm

Did not know ipfire existed.

Naftali · September 3, 2020, 3:56am

Screenshot from https://www.privacytools.io/operating-systems/#firmware

diizzy · September 3, 2020, 2:43pm

I'm using NCM just fine on FreeBSD however