Call for Meeting: NethServer 8 Alpha - 25 Feb 2022

@kelevra

If a firewall appliance can’t handle simple DNS and Reverse Lookups, it’s not really much use as a firewall / edge router.

And NethServer’s DNS is - sorry - REALLY CRAPPY!

No correct CNAMEs, therefore incorrect Reverse Lookups… :frowning:

More than enough reason to use OPNsense, which handles internal DNS correctly.

OPNsense also provides this:
Adding roadwarrior clients to NS7 is great and you get a single configuration file that any user can handle …

NethServer can’t “clone” objects…

My 2 cents
Andy

1 Like

It’s closer to a DNS relay (with some features from DHCP server) than a full fledged DNS server, at least for NS7.

1 Like

I know, but if running AD, using NethServers DNS is a must for clients…
Add to that the fact the GUI can add working CNAMEs - but only for NethServer itself, not for any other host…

:frowning:

Not everyone needs it, and if they do, there is a Technitium DNS Server, many routers also do not have a fully-fledged DNS and they get along just fine without it, even though it is impossible to put it there.

P.S. By the way, in OPNsense rspamd I never configured, for this reason and rolled NS7)

2 Likes

No problem with that. A router is a router, if you need more, that’s up to you.

I see NethServer as a server, not as a firewall, that’s how I use it for my clients.
After all, it IS called NethServer, not NethFirewall or NethGate or whatever… :slight_smile:

Mailfiltering on a mailserver is fine with me, I don’t see the firewall has to deal with mail…
VPN (in addition to VPN on the firewall) is also OK with me.

One of the major benefits of having a seperate firewall as a box is:
No matter what goes wrong on your server, you still have Internet to search for solutions, drivers, what-have-you… :slight_smile:

Another is that my swiss clients prefer a separate box. And the client is king!

My 2 cents
Andy

1 Like

I specifically bought a box in china with 4x lan 8gb on ntel(R) Celeron(R) J4125. First I pumped OPNsense. And if vlan and networks I configured, rspamd still failed. I specifically use this box at home as an advanced router for everything filtering and routing with vpn for the home network and from it all goes to the cisco 2960 poe to which 2 servers are already connected. I could of course also install servers on proxmox, such as DNS, VPN… But I want to have that part exactly on this box…)

2 Likes

@kelevra

That’s the best thing about source: everyone can use it - whole or part - as they need it.
Or put additional parts / componetns in to make a bigger “thing”.
Or fork and make new…

It’s all up to you - and your capabilities / knowhow…

And if you can improve anything, don’t bitch about it, but improve and return your (better) code for review!

:slight_smile:

My 2 cents
Andy

PS: My home OPNsense:

8 Intel NICs, 32 GB RAM, 120 GB SSD…

A bit overkill, but was expecting fiber sooner, delayed due to Covid the last two years… :slight_smile:

1 Like

Download: 432.71 Mbit/s
Upload: 482.57 Mbit/s
Tests this box with NS7, so that and 4 x Intel(R) Celeron(R) J4125 CPU @ 2.00GHz is good enough. If honor I also have rspamd in there and it works fine)

@kelevra

I use Home Assistant, it also monitors using Speedtest.net

I get about 800-900 Down, 100 up, but I have about 15% used for Offsite Backups to my home…
(So 600-800 is shown, QoS separated…)

:slight_smile:

Our providers don’t give such speeds. Half a gigabit at most.

2 Likes

Guys we are not going to drop the firewall UTM part of NethServer :slight_smile: don’t worry

Recording ready @stephdl @m_farlotta @Luca_Menghetti @dz00te @pierluigi @compsos @ns_nirosh @thorsten @Zoltan_Polyak @bwdjames @sharpec @gica78r @jdcook @paolo @Harry_Gleb @simonez @Linux_monger @derwisch @Axel @mrmarkuz @geofxgt @hector @Ulerich @ricko @Andy_Wismer @france @diego.martin @oneitonitram @vater @loryaegis @LayLow @michelandre @jsianard @rstedmond @LB_Andersen @Nwb_ca @cyberfarer @Marc_Siweck @mmaridev @corteq @tessierp @Elifa @Dgtadmin @Conan_Kudo @Shane_Treweek @TimmiORG @AmperloVoltic @anderson_gomes @bradjtrammell @dasuberadmin @JHopkins @swordforthelord @Cristian_Manoni @deepdace @Usernam3 @AndreaPino @Andrew_Fisk @Ingo_Luedke @Sameer_Mogale @dalton @MLpNeth @noureddinel @fasttech @JOduMonT @kayazeren @EddieA @kelevra @robb @drivemeca @maddin @fuso @PCXLan.es @royceb @ndroftheline @it-lf @chrkli @nio707 @vesalius

11 Likes

Alessio… i like the firewall part of NethServer. But “UTM”… well…
Being kind, it’s quite optimistic. Being real, it’s quite too bold statement…

2 Likes
2 Likes

Hello everyone, we talked about AD provider, I was wondering if the administration should continue to be managed with rsat?

1 Like

Hi @france

It really depends on what you’re using / what’s needed…

AD’s main use on NethServer is to allow file shareing with “authentificated” shares, not just public shares.
Of course it can also be used to integrate Windows workstations / servers into a single management. The Global corporate IT prefers this use case…

Now, if I have a couple of Linux Desktops and Mac workstations, I’d have no real use for RSat, but still have good use for Authenticated Shares. So simple Cockpit administration is completly sufficient, maybe additionally PHPLDAPAdmin…

But if you intend on managing Windows Workstations - the best way is still using MS-Tools like RSat (Until they provide newer tools, eg for Windows 12…).

You can also use other commercial tools for administrating AD networks (There are quite a few on the market…), but those are limited to whatever protocolls / methods open up for the clients - and MS RSat probably already uses them…

My 2 cents
Andy

3 Likes

Hi all,

Is there a way to have a custom made module show up in the UI?
For example I installed portainer on NS7 but I couldn’t access it if I didn’t know the endpoint.

How can we make our modules show up in the Installed Software section and how can we give the user some additional configuration options like shown in the Docuwiki example?

@dasuberadmin i beleive with NS8, most installations are based on modules, unless i am wrong.
in that case, if they are all modules, and there is a ready template created, it already has the functionalities to show those details on the dashboard

Hi Andy, I fully agree with what you wrote. However, in my personal opinion, having a server as a “Open” nethserver allows you to offer customers a very well-performance server, with Microsoft services that can be used at no cost! This does not mean that nethserver replaces an AD windows server, as the firewall part does not mean that it replaces an Opnsense or Pfsense or other. In short, Nethserver is a platform that in my opinion integrates with the IT market, having the power and reliability of a Linux system and that as a strength has the potential to offer services even in the Windows context.

Hi @alefattorini
is there already a kind of timeline for the UTM Firewall / Multiwan / VPN part?
Best regards
Christoph

Hi @france

I did mention the use like integrating a Windows ERP server as a member server - or like Nethesis does, use the SQL-Server in the commercial “Cube” application that can be found in Software Center…

I agree it’s great, and use NethServer for all my clients and myself.
All in AD mode… :slight_smile:

My 2 cents
Andy