OPNsense

OPNsense

Website

Open source firewall and routing platform for network security

RepositoryWebsite
4.2kstars
894forks
Last commit: 1d ago
Repo age: 12y old
OPNsense screenshot

OPNsense is an open source firewall and routing platform used to secure and manage networks. It combines a web-based management interface with a systems backend and API to configure firewalling, routing, and related network services.

Key Features

  • Web-based GUI for firewall, routing, and system management
  • Built-in API for automation and integrations
  • VPN capabilities for secure remote access and site-to-site connectivity
  • Captive portal support for guest and managed network access
  • Traffic shaping and policy-based controls for bandwidth management
  • Extensible platform with additional services typically used at the network edge

Use Cases

  • Perimeter firewall and router for a home lab or small business network
  • VPN gateway for remote workers or inter-site connectivity
  • Guest Wi-Fi access control using a captive portal

Limitations and Considerations

  • Some advanced features and tooling are reserved for the Business Edition

OPNsense is well-suited for users who want a modern, verifiable, and configurable firewall/router stack with a strong web UI and automation-friendly API. It can serve as a central edge device for both homelab and professional network deployments.

Categories:

Network Security (VPN, Firewall, WAF)Core Network Services (DNS, DHCP, IPAM)Edge & Traffic (Reverse Proxy, Load Balancing, Web Servers)

Tags:

# VPN# API# Proxy# Access Control# Admin UI# Firewall

Tech Stack:

JavaScriptJavaScriptSCSSSCSSPythonPythonPHPPHP
Share:

Similar Services

Pi-hole

Pi-hole

Network-wide DNS sinkhole for ad and tracker blocking

55.3k
3k
Last commit: 1mo ago

Pi-hole is a network-wide DNS sinkhole that blocks ads and trackers for all devices on your network, with a web dashboard, query logs, and optional DHCP server.

Alternative to:
AdGuard
AdGuard+7
Headscale

Headscale

Self-hosted control server for Tailscale-based WireGuard networks

34.3k
1.8k
Last commit: 8d ago

Headscale is an open source, self-hosted implementation of the Tailscale control server for managing a private tailnet, nodes, keys, IPs, and routes.

Alternative to:
Tailscale
Tailscale+9
AdGuard Home

AdGuard Home

Network-wide DNS server that blocks ads, trackers, phishing and malware

32.1k
2.2k
Last commit: 1d ago

Open-source DNS-based ad & tracker blocking server for networks. Offers per-device rules, parental controls, encrypted upstream DNS (DoH/DoT/DNSCrypt), web UI and API.

Alternative to:
AdGuard
AdGuard+5
Web-Check

Web-Check

All-in-one OSINT tool for analyzing any website.

30k
2.4k
Last commit: 4d ago

Comprehensive on-demand OSINT to analyze a website's security, architecture, and tech stack.

Alternative to:
Shodan
Shodan+8
wg-easy

wg-easy

WireGuard VPN server with a web-based admin interface

24.1k
2.3k
Last commit: 2d ago

Run a WireGuard VPN server with an easy web admin UI to manage clients, generate configs and QR codes, and monitor connections and traffic.

Alternative to:
Tailscale
Tailscale+14
NetBird

NetBird

WireGuard-based overlay network with SSO/MFA and granular access controls.

21.1k
1k
Last commit: 1d ago

Open-source zero-trust networking platform delivering a WireGuard-based private network with centralized access control, SSO/MFA, and cross-platform clients.

Alternative to:
Tailscale
Tailscale+17