plugins
plugins copied to clipboard
opnsense
Request: Netmaker Plugin
Netmaker is a full-mesh wireguard overlay network that is an alternative to Zerotier or Tailscale. Netmaker uses kernel wireguard, so it is ~5x faster than either competitor. It is open-source without any node limits like zerotier has.
An author has posted in r/opnsensefirewall declaring compatibility with FreeBSD, so there might be interest in collaboration.
The plugin in OPNSense should be capable of operating as an:
- "Netmaker Server" so there is no dependency on a third-party (or subjection to future node-limits)
- "Ingress Gateway" allowing any generic wireguard client access to the overlay network,
- "Egress Gateway" allowing overlay network nodes access to other LANs
Posting rules:
- [✅ ] I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
- [✅ ] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
- [ N/A] When the request is meant for an existing plugin, I've added its name to the title.
I already invested couple of hours in it, but the full mesh was a bit clumsy in my testing. Die you test it by yourself on Linux or similar?
Hi, one of the authors of Netmaker here. Just wanted to +1 this. We maintain a FreeBSD client and would love to see an OPNSense plugin for it.
Hi, one of the authors of Netmaker here. Just wanted to +1 this. We maintain a FreeBSD client and would love to see an OPNSense plugin for it.
Is there a guide on how to deploy this on OPNsense, especially for site-to-site WireGuard VPN?
We do not have a guide for deploying on OPNSense, just for freebsd in general: https://docs.netmaker.org/netclient.html#freebsd
But this is the client only, most of the users want to run the server on it
But this is the client only, most of the users want to run the server on it
I would love to be able to run a netmaker server on Opnsense :)
+1 million - Just discovered OPNSense and Netmaker (researching for special use case project), both blowing my mind and using one atop the other but not integrated. If I could configure netmaker (server and client) using OPNSense.......well let me put it this way, there would be a rubbish skip in the front of the office filled with equipment to go for recycling. So please for the love of god DOOOOOOOOOOO IT!
LOL
If anyone volunteers installing the netmaker Binary on it and starts testen I will build one
I would love to see a client implementation as a plugin, especially the Egress Gateway function would be really helpful
But this is the client only, most of the users want to run the server on it
I would be very happy with the client to start with.
I'm trying to get Netmaker Client running on OPNsense. But the FreeBSD script fails. Tried to install manually but I fail (probably due to my lack of FreeBSD/OPNsense knowledge). Did anyone succeed to get the netmaker client running of OPNsense in any way? @afeiszli? I'm happy to invest some time in this if someone more knowledgeable can give me a hand.
As a big OPNsense user and having a need for the Netmaker server to run on the OPNsense platform, I am going to give it a shot. Reversing the Github build process it should be able to be done, but no guarantee because it is built on Linux. I created an SBC plugin for OPNsense using Asterisk so I should be able to build an OPNsense UI for it. Don't expect an overnight success with it. I'll take a look at the client too.
As a big OPNsense user and having a need for the Netmaker server to run on the OPNsense platform, I am going to give it a shot. Reversing the Github build process it should be able to be done, but no guarantee because it is built on Linux. I created an SBC plugin for OPNsense using Asterisk so I should be able to build an OPNsense UI for it. Don't expect an overnight success with it. I'll take a look a the client too.
If you need some help ping me, as mentioned never done a plugin but some it skills.
Good day. Here is an initial FreeBSD package for Netmaker server that runs under FreeBSD and OPNsense. https://ksatechnologies.jfrog.io/artifactory/os-netmaker/ This is first attempt but it does install and run.
Everything is under /usr/local/[ etc/netmaker | sbin | var/log/netmaker | var/run/netmaker ]
rc.d script is also included so you can use service netmaker <cmd>
This should get people started to manually configure it to run via the yaml file and a bit of "OPNsense" FW/NAT rules.
I will be added a os-netmaker repo to my GitHub with an initial netmaker skeleton plugin in the near future. Look for it on my GitHub repo https://github.com/TheGrandWazoo
Also, looks like people might need a 'client' version. Will work on a package for that.
Yes, just yesterday. Not yet complete but installs in OPNsense and configures a config file and runs the service. Will be uploading the code to github and hopefully a OPNsense package to download and install. I might change the way it configures it because I was thinking a "Tenant" type scenario but trying to figure out how that works in Netmaker.
Yes, just yesterday. Not yet complete but installs in OPNsense and configures a config file and runs the service. Will be uploading the code to github and hopefully a OPNsense package to download and install. I might change the way it configures it because I was thinking a "Tenant" type scenario but trying to figure out how that works in Netmaker.
Cool! I'm about to test out netmaker next week or so. Will be able to help out with testing.
My idea is to get a "manager" on one network and then have this as an ingress node for clients and a site-to-site
Have not done any ingress or egress yet, but that is to come as I am reverse engineering the Netmaker and Netmaker UI for Database transactions to see what needs to be done from that aspect.
@TheGrandWazoo I just found your personal (public) repo for the plugin, if you don't mind, I'd like to share the link here. Maybe it'll help others make progression, I'm going to try it myself today.
GrandWazoo OPN os-netmaker plugin repo.
Would you be able to share the steps you've taken (as comment of direct message)? Don't exactly know how to start building plugins yet (only did an ARM64 OPN build so far), but would like to make it easier for others (like me, we don't know what were doing but we like it).
edit: For anyone willing to help but who has no idea how the project structure fits together, OPN has a nice example to follow along OPN plugin guide
I am going to change from a top menu to a side menu so it is inline with the Netmaker product and other plugins. I have not done any ingress/egress yet. Please use the GitHub issues to create tickets for suggestions and ideas so I can get what the community is looking for.
Also going to get some Github Actions going so it will create a OPNsense package.
This issue has been automatically timed-out (after 180 days of inactivity).
For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.
If someone wants to step up and work on this issue, just let us know, so we can reopen the issue and assign an owner to it.
@fichtner @AdSchellevis there's been movement on this initiative; can it remain open?
This issue has been automatically timed-out (after 180 days of inactivity).
For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.
If someone wants to step up and work on this issue, just let us know, so we can reopen the issue and assign an owner to it.
