We Want to Hear Your Ideas

[Ericloewe]

It's a NAS, not a firewall...

 

[marian78]

It's a NAS, not a firewall...

And? There are SSH, FTP, TFTP, WebDAV and more native services and I want control who and what can use on my FreeNAS box. And what, if I want to use whole FreeNAS box as public FTP (yes, I have pfSense box and have separate DMZ network)? ;)

ipfw - I want basic GUI, not integrated pfSense box....

 

[danb35]

There are ssh, ftp, tftp, webdav and more nativ services and i want control who and what can use on my freenas box.

What services are available is controlled by turning them on and off as desired. Controlling who can use them isn't within the capabilities of ipfw--it doesn't have any user authentication capabilities.

And what, if i wanting use whole freenas box as public ftp

Then you're wanting to use the wrong tool for the job.

Edit: I'm trying to avoid commenting on the suggestions here, other than to offer currently-existing alternatives to a few of them, as I'm seeing the purpose of this thread as brainstorming. But I do think the firewalling suggestions are pretty far afield.

 

[marian78]

What services are available is controlled by turning them on and off as desired. Controlling who can use them isn't within the capabilities of ipfw--it doesn't have any user authentication capabilities.

yes, but also I wanted fail2ban.

Then you're wanting to use the wrong tool for the job.

hm.... what is different from native FTP on FreeNAS (if I want use whole FreeNAS box as FTP) and vsftpd, proftpd for home or small office?

 

[danb35]

FreeNAS is designed and intended to be used on a protected LAN. If you're putting to a use where protection against brute-force attacks is an issue, you're probably using it in a way that it was never intended to be used. FTP in particular should never be used if security is remotely an issue.

 

[marian78]

1. it was never intended to be used / We Want to Hear Your Ideas
2. protected LAN - WPA2 is broken (also we have 0-day, Meltdown, Spectre), how many users have their NAS box on LAN behind regular wifi routers without fix?

 

[Ericloewe]

wpa2 is broken

I must point out that all client OSes of any relevance have been patched to prevent the KRACK attack against WPA2. Access points can also help mitigate it for unpatched clients.

My point is, there's a very big difference between exposing an FTP server to the internet and having an FTP server on a LAN, even if there are ways of compromising that LAN.

 

[marian78]

I must point out that all client OSes of any relevance have been patched to prevent the KRACK attack against WPA2. Access points can also help mitigate it for unpatched clients.

My point is, there's a very big difference between exposing an FTP server to the internet and having an FTP server on a LAN, even if there are ways of compromising that LAN.

ok, maybe that is only my option, but i thing that today its not difference. Many manufacturers of routers dont release any fix (dlink, tplink, netgear, asus....).

 

[m0nkey_]

@Bgadd Future requests for ideas to be submitted via a survey? :) This thread appears to be going off a tangent and needs to get back on track.

 

[Ericloewe]

Future requests for ideas to be submitted via a survey? :)

You mean like a bug tracker? I hear that redmine thing is popular these days...

Silliness aside, one thing I've noticed is that many (if not most) requests here already have tickets in the bug tracker (some of which have been there for a loooooong time).

Another interesting category are suggestions for things that are in the process of being rewritten, like the alerts system. It'd be nice to see those suggestions integrated (or at least to see care being taken to allow for future expansion).

 

[pitt1717]

not sure if it was posted. but LDAP for administration access so all my devices I manage can use one account. leave root for local access

 

[TECHMAN2000]

Is there any way to have a button on the SMB permissions saying (no delete icon) or a button. Stopping clients deleting files or folders instead going through command.

 

[m0nkey_]

Is there anyway to have a button on the SMB permissions saying (no delete icon) or a button. Stopping clients deleting files or folder's instead going through command.

In order to do that, you must use a Windows dataset. Check my permissions video: https://forums.freenas.org/index.php?resources/freenas-and-samba-smb-permissions-video.8/

 

[mrMuppet]

Controlling fans via ipmi and (drive-) temperatures.

Gesendet von meinem ONEPLUS A3003 mit Tapatalk

 

[kdragon75]

<rant>Just toss the AD controller functionality. This just seems SOOO out of place its nutty. This is a NAS. I get a lot of home users use it as a catch all server but I have yet to see anyone claim they use it as the "PDC" and have full stable functionality. If you going to add something like that, flesh it out and make it work. This is one thing that drives me nuts about FreeNAS. There are so many half baked "features" that lack documentation or are just confusing.

In short, I would like to see FreeNAS go back to the basics and get that 100% before adding virtualization or an AD controller. I want to see a clean simple NAS (and perhaps SAN) solution. I don't know if TrueNAS is better in that regard but I sure hope so as a paid product.

FreeNAS almost feels like a Honda. A rock solid car with a bunch of crap bolted and sometimes taped on. With the new UI it just got under glow lights... you have a potentially rock solid product (errr FreeBSD) don't cheapen it with gimmicks.</rant>

 

[hescominsoon]

<rant>Just toss the AD controller functionality. This just seems SOOO out of place its nutty. This is a NAS. I get a lot of home users use it as a catch all server but I have yet to see anyone claim they use it as the "PDC" and have full stable functionality. If you going to add something like that, flesh it out and make it work. This is one thing that drives me nuts about FreeNAS. There are so many half baked "features" that lack documentation or are just confusing.

In short, I would like to see FreeNAS go back to the basics and get that 100% before adding virtualization or an AD controller. I want to see a clean simple NAS (and perhaps SAN) solution. I don't know if TrueNAS is better in that regard but I sure hope so as a paid product.

FreeNAS almost feels like a Honda. A rock solid car with a bunch of crap bolted and sometimes taped on. With the new UI it just got under glow lights... you have a potentially rock solid product (errr FreeBSD) don't cheapen it with gimmicks.</rant>

I ahve to agree here. Toss AD out and the new ui? It's a flashy hot mess.

 

[voyager529]

Easyish method for submitting FreeNAS hardware config and server statistics to searchable database. Non-identifiable, of course. Voluntary (but possibly the default), of course.[SNIP]

(If I were the sale/marketing manager at iXsystems, I'd absolutely include a button in FreeNAS that says "compare my server's performance to our benchmark systems", then something (or maybe nothing) would happen in the background for a few minutes followed by a message along the lines of "your system is running in the bottom 70th percentile of servers in your class for ARC/network/disk performance; iXsystems will evaluate your configuration and recommend provide detailed performance tuning recommendations for $nnn; click this link to learn more about our evaluation and support services or sign up for a $99 Gold Access Subscription to our tuning knowledge base.)

Shut up and take my money!! This needs to happen!


Really, the only thing I'm really looking to see visited in earnest is the re-inclusion of the Docker system. Primarily because this exists: https://github.com/freenas/docker-images. 101 options that were done in a very short amount of time? That was super helpful and I was sad Corral got pulled for this exact reason.

Now some other folks are all too happy to say, "yeah, I've got an ESXi box for that", and I do understand where they're coming from on that...but I'm not exactly one to have the kind of money lying around to have a half-decent FreeNAS *and* a half-decent VMWare box, and though a gently-used R710 is cheap, power usage and noise start to become a factor. I'm definitely looking forward to the return of native Docker capabilities.

 

[Jurgen Segaert]

Virus scanning

It looks like the new/future iocage-based plugin system will include ClamAV.
https://github.com/freenas/iocage-ix-plugins

 

[MatthewSteinhoff]

This just seems SOOO out of place its nutty. This is a NAS. [...] like to see FreeNAS go back to the basics and get that 100% before adding virtualization

I'm 99% there with you. We only use the most basic of FreeNAS features at our offices. And, for that, FreeNAS is a slam-dunk. Rock solid with good performance. We don't need jails, plugins, packages, extensions or any of that stuff...

...BUT...

...please leave in virtual machine hosting. Because that gives people a contained place to expand FreeNAS as needed without really involving FreeNAS or cluttering the management interface.

If I need anything else on a single piece of hardware, the ability to throw a VM under FreeNAS allows me everything else. Active Directory, Plex, Minecraft, security video recorder, ownCloud, etc. can all be run in a VM. At home, I have Plex in a Linux VM and a security video recorder in a Windows VM. So convenient but with little impact or complication to the core FreeNAS system.

Cheers,
Matt

 

[kdragon75]

I'm 99% there with you. We only use the most basic of FreeNAS features at our offices. And, for that, FreeNAS is a slam-duck. Rock solid with good performance. We don't need jails, plugins, packages, extensions or any of that stuff...

...BUT...

...please leave in virtual machine hosting. Because that gives people a contained place to expand FreeNAS as needed without really involving FreeNAS of cluttering the management interface.

If I need anything else on a single piece of hardware, the ability to throw a VM under FreeNAS allows me everything else. Active Directory, Plex, Minecraft, security video recorder, ownCloud, etc. can all be run in a VM. At home, I have Plex in a Linux VM and a security video recorder in a Windows VM. So convenient but with little impact or complication to the core FreeNAS system.

Cheers,
Matt

For tiny budet limited environments, yeah I see the use case for VMs. I would just like to see the basics fully polished before more work on adding anything else. I know some people will disagree but I think the new UI needs to be done first. Then we can say we have EXPERIMENTAL support for VM's. Once thats FULL implemented with some more advanced tools (resource control in the UI would be a big one, think ESXi resource pools to prevent a VM from killing your NAS) then call it supported.

Also alot (most) of what your mentioning can be done in a jail. This makes more sense as jails are baked into the OS, are lightweight and support resource management (just not in the UI and this is a great example of something that's just not finished)

I just see such a rush to add more and more perhaps in an effort to stay popular? I don't know. Just be the best at what you do before you add more and say "We now support python whizz bang plugins just not in any user friendly or meaningful way."...