Self-hosted firewall control

WireGuard and routing, simplified

Gator is a local control plane for OPNsense. Deploy VPNs, manage site-to-site tunnels, and control selective routing without clicking through endless firewall menus.

Get started View on GitHub

GPLv3 License

Self-hosted Deployment

Go + SolidJS Built with

gator control center

Live

Routing Policies

Discord voice traffic Bypass VPN

Streaming services Mullvad

Catch-all default Selective

Gateway

MULLVAD_WG

Connected · 847 days uptime

Reconciler

System healthy

0 drifted rules detected

Tunnel

Site-to-site ready

2 remote endpoints configured. Keys synced. Health checks passing.

Capabilities

Built for operators who know their network

Gator doesn't try to abstract away your firewall. It gives you faster, safer tools for the things you already do manually in OPNsense.

Selective Routing

Route only specific traffic through VPN tunnels. Send Discord direct, Netflix through VPN, and everything else through your default gateway.

WireGuard Management

Deploy and manage WireGuard configurations across multiple OPNsense instances. No more hand-editing config files.

Drift Detection

When someone edits firewall rules directly in OPNsense, Gator notices. Review changes, re-adopt, or restore from backup.

Multi-Instance

Manage multiple OPNsense firewalls from a single control plane. Switch between production and lab environments instantly.

Backup & Restore

Download configuration snapshots, migrate between instances, and recover from mistakes without rebuilding from scratch.

Local-First

Runs entirely on your network. No cloud accounts, no telemetry, no external dependencies. Your firewall data stays yours.

Workflow

Three steps to operational clarity

Stop managing firewall state through brittle manual edits. Gator gives you a single source of truth that stays in sync with your OPNsense instances.

Connect your firewall

Add your OPNsense instance, verify API credentials, and let Gator discover what's already configured.

Define your policies

Create routing rules, configure WireGuard tunnels, and set up selective traffic policies in the UI.

Deploy and monitor

Push changes to your firewall. Gator tracks drift, handles rollbacks, and keeps everything in sync.

Open Source

Your network, your control

Gator is GPLv3 licensed and runs entirely on your infrastructure. No cloud lock-in, no subscription fees, no hidden telemetry. Just a solid tool that works.

GPLv3 licensed — use it, modify it, share it

Self-hosted on your own infrastructure

No cloud dependencies or external APIs

Built with Go + SolidJS for reliability

View on GitHub

$ git clone https://github.com/anothaDev/gator.git

Cloning into 'gator'...

$ cd gator/app && docker compose up -d

[+] Running 1/1 ✔ Container gator-app Started

$ curl http://localhost:8080/health

{"status":"ok"}

$ _