TL;DR - www.pf2opn.com

I read about the desire for a converter here in r/homelab and on r/selfhosted this morning and I thought it would be an interesting Saturday afternoon project. I did not write this to claim a bounty.

pf2opn accepts a configuration file from pfsense in xml, does some basic sanity checks, and renders the result which you can copy. You can also download the generated xml, if you wish. The conversion happens in-memory, there are no trackers on the site, and I don’t use any external services to convert your configuration. Reading and converting your configuration happens and stays on your machine. It does not cache the converted file.

I’m not running either platform in my own homelab, but I was able to find a few example configurations for pfsense and opnsense. I’d appreciate some feedback from you all as I don’t think the mappings are 100% correct yet. But I think it’ll spit out a nearly-usable opnsense configuration as is. However, the more sample feedback we get, the closer we can nail the conversion.

Don’t forget to create backups and please don’t deploy straight to prod.

  • jaskij@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Do pfSense configs include passwords? I’d think so, at least some. An instruction how to scrub them manually before uploading would be a welcome addition.

    • kelthuzad12@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      password

      Just a heads up at one point the haproxy stats didn’t redact the user’s password in the configs. I noticed in config export (on 2.7.0 now) that it contained both my username and password in these fields. Either way I wouldn’t feel too comfortable using a 3rd party for this purpose.

      https://redmine.pfsense.org/issues/10794

      Edit: Looks like the openvpn-client-export package had it saved in there too =/