this post was submitted on 17 Sep 2025
82 points (100.0% liked)

Privacy

41917 readers
692 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

What do you run; Opnsense, pfsense, Smoothwall, maybe a WAF like wazuh?

Today was update/audit firewall day. I'm running a standalone instance of pFsense on a Protectli Vault FW4B - 4 Port - Intel Quad Core - 8GB RAM - 120GB mSATA SSD with unbound, pfBlockerNG, Suricata, ntopng, and heavily filtered. I did bump the swap to 8 GB as I've previously noticed a few 'out of swap' errors under load.

Before I signed off, I ran it through a couple porn sites to see if my adblocking strategy was working. Not one intrusive ad. Sweet!

Show me what you got.

you are viewing a single comment's thread
view the rest of the comments
[–] Hobbes_Dent@lemmy.world 10 points 3 days ago* (last edited 3 days ago) (2 children)

OpenBSD pf

Edit: just home/hobby now, I’m not in tech anymore.

[–] JovialSodium@lemmy.sdf.org 4 points 3 days ago* (last edited 3 days ago) (2 children)

Also this. On some unremarkable HP office PC that's probably about a decade old. No ad filtering or anything as it interferes with others in the house. I've thought about trying a second unbound service with adblocking for me, but haven't gotten around to it.

[–] trailee@sh.itjust.works 2 points 3 days ago (1 children)

I run a secondary wifi network with “Ads” in its name, whose vlan doesn’t get forced into pihole DNS. It mostly prevents me from having to hear complaints from others in the house, and they barely ever use it.

[–] JovialSodium@lemmy.sdf.org 2 points 1 day ago

I quite like this idea, thanks! If I did this I could adblock all the rest of my network, which might help with blocking ads on things like smart TV's. I could also DMZ that wireless network. I would consider their devices untrusted (not malicious, just not careful), and they wouldn't notice the difference.

[–] irmadlad@lemmy.world 1 points 3 days ago

No ad filtering or anything as it interferes with others in the house

Ahhh the WAF (Wife Aceptance Factor). I made a seperate Vlan for my lady friend so when she comes over to visit, I don't have to reinvent the wheel for her. She can have all the ads and slop she can stomach, just keep it on your seperate branch and we'll both be happy.

[–] irmadlad@lemmy.world 4 points 3 days ago (1 children)

OpenBSD pf

I'd never heard of it so I went and checked it out. It seems to have a lot of pFsense/Opnsense features just managed from the cli. Cool.

[–] Hobbes_Dent@lemmy.world 11 points 3 days ago* (last edited 3 days ago)

It’s the ‘pf’ in pfSense.

pf is developed as part of the OpenBSD project and is the built in packet filter/firewall.