About Scott Ullrich — nfSensei Blog

Then came the Commodore 64 — typing in BASIC programs from magazines, loading games and programs off a 1541 floppy drive (while dreaming of a Lt. Kernal hard drive), and learning that computers would do exactly what you told them to, nothing more. No internet, no Stack Overflow, just a blinking cursor and a manual. That machine taught patience, precision, and the addictive thrill of making something work from nothing.

There was a gap in the middle — a stretch of early middle school with no computer at home. So the school's DOS machines and Novell NetWare network became the playground instead. I figured out how to log into the NetWare admin console — the password was the name of the computer hub responsible for the network, which didn't exactly require elite hacking skills — and started randomly sending messages to people across the lab, acting completely innocent when they looked around confused. It was hilarious, educational, and short-lived. I was banned from the computer lab.

Lesson: Start with nothing, figure it out, make it work. Also: unauthorized access to the admin console has consequences. Worth it though.

From the C64 it was the Amiga — writing ARexx scripts and C on a platform that punched way above its weight. The Amiga's preemptive multitasking and multimedia capabilities were years ahead of everything else, and its community had the same "figure it out yourself" energy that would later define open source. While the rest of the world was still on DOS, the Amiga was doing real multitasking with a fraction of the resources.

Lesson: Elegant design can come from anywhere. The underdog platform with the right architecture will outperform the one with the bigger budget.

Then came pirated Windows 95 betas before anyone knew what a Start menu was. Red Hat Linux and its infamous stack of floppy disks — feeding your machine disk after disk, crossing your fingers through each one. Windows NT and 2000 Server in the enterprise. Novell NetWare with its IPX/SPX stacks and NDS directories.

Each system had its own philosophy about how networks should be managed, and each one left its mark. NetWare taught me that directory services matter. NT taught me that mainstream adoption requires polish. Linux taught me that openness wins in the long run.

Growing up surrounded by all of this — switching between platforms daily, seeing what each got right and wrong — built an instinct for what a network operating system should feel like. Not allegiance to any single platform, but a sense for the patterns that actually work regardless of what's underneath.

Lesson: The best ideas aren't owned by any single platform. Pay attention to all of them, and steal the good parts shamelessly.

It started with FreeBSD. In the early 2000s I got my hands dirty with the BSDs and fell in love with the approach: a complete, cohesive operating system where the kernel and userland ship together as one unit. FreeBSD's networking stack was rock-solid, its jails were ahead of their time, and its community was full of people who cared deeply about getting things right.

Contributing to FreeBSD taught me that the best infrastructure software is the kind you can reason about. Clean boundaries, predictable behavior, no magic. Those instincts never left.

FreeSBIE was a FreeBSD-based live CD system. The idea was simple: boot a full FreeBSD environment from a CD with zero installation. It caught enough attention to land on Slashdot, and became a useful toolkit for demos, recovery, and quick deployments.

More importantly, FreeSBIE was a lesson in packaging. Taking a full operating system and making it usable from a single image forced hard decisions about what to include, what to leave out, and how to make the first 30 seconds feel effortless. That discipline of "it just works out of the box" would become central to everything that followed.

Lesson: If it doesn't work the moment someone boots it, they're gone. First impressions are everything in infrastructure software.

pfSense started as a fork of m0n0wall with a simple goal: build an open-source firewall that people could actually rely on in production. It grew into one of the most widely deployed open-source firewalls in the world, running on everything from home labs to enterprise networks, data centers, and government infrastructure.

Building pfSense over the years taught me what works and what doesn't at scale. A web UI that drifts from the underlying config creates bugs that are nearly impossible to track. Users need power and simplicity at the same time. And communities will carry a project further than any single team ever could.

But the architecture was a product of its era. PHP, tightly coupled UI and backend logic, no real API layer. As networks evolved, the cracks showed. I kept a running list of everything I'd do differently if I could start from zero.

Lesson: If the CLI and the web UI don't speak the same language, they will eventually disagree. And when they disagree, your users lose trust.

nfSensei is the answer to that running list. A modern network operating system built from scratch in Rust with a React frontend, designed around a single principle: one API to rule them all. The CLI, the web UI, and the on-device AI assistant all flow through the same API surface. No drift, no divergence, no surprises.

The entire system ships as five self-contained binaries. The nushell-based CLI has 400+ commands. The Kensho design system provides 40+ themes. And Clyde, the on-device AI, brings intelligence directly to the firewall without shipping your data to the cloud.

Every hard lesson from Red Hat floppies to NetWare directories to FreeBSD jails to pfSense at scale is baked into nfSensei's architecture. The candidate/running config model means you can stage changes and diff them before committing. The Lua package ecosystem means the community can extend it without forking. And the nftables backend means we're building on the future of Linux networking, not the past.

Thirty years of building and running network operating systems taught me what matters: clarity, trust, and an architecture that stays honest as it scales. nfSensei is the system I always wanted to build.