Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: cdsane on April 10, 2026, 12:34:38 PM

Title: AI integration for OPNsense
Post by: cdsane on April 10, 2026, 12:34:38 PM
Hello all is OPNsense considering deploying AI into its software for proper network and security checks and analysis ??? I think it will be a fine addition to this firewall
Title: Re: AI integration for OPNsense
Post by: Patrick M. Hausen on April 10, 2026, 12:49:31 PM
So called "AI" and "proper network and security checks" are a contradiction.
Title: Re: AI integration for OPNsense
Post by: DEC740airp414user on April 10, 2026, 01:04:32 PM
sounds like a terrible idea
Title: Re: AI integration for OPNsense
Post by: nero355 on April 10, 2026, 04:10:28 PM
Quote from: Patrick M. Hausen on Today at 12:49:31 PMSo called "AI" and "proper network and security checks" are a contradiction.
Quote from: DEC740airp414user on Today at 01:04:32 PMsounds like a terrible idea
Agree with the above! :)



#SayNOtoMachineLearningChatBots!
Title: Re: AI integration for OPNsense
Post by: drosophila on April 10, 2026, 08:36:51 PM
Three question marks, what seems like puked-out grammar that lacks any effort, and a broad and unspecific question, all reeks of a spammer/bot, but the OP has at least a little posting history so I assume they wrote this in good faith instead of just spam or parroting buzzwords.

As such: it might be possible to have an AI-based rule analyzer that could possibly spot common mistakes and omissions. However, their results must be treated with care, just like if you'd manually fish random rule snippets off the internet. Maybe that could be worthwhile, but spending this much effort and likely fees on something so minor... nah. But since firewall rules are in the end generic, this sort of tool could be developed independently by the OP and work on the exported rule sets from all (Free)BSD-based firewalls, and a second version for Linux based ones. That could then be integrated as a community plugin if it proves to be helpful.

If this is what you have in mind: give it a go and see what it can do!

AI things are good at pattern recognition, so this would also be something for intrusion detection / prevention system makers to consider. But in that case the AI would have to run on the Firewall machine, given contemporary technology that'd be hard or need to be done like these voice-assistants using some external provider, nothing I would want to touch. Core OPNsense wouldn't benefit from this, except for the mentioned hypothetical analyzer. An AI-based rule generator wouldn't be worth it because AI-generated stuff is full of BS. It's fine for creating jokes and maybe translations, but most definitely not for anything even remotely security-related.

Possibly in some decades after the AI things have learnt to actually know what they're doing, if they ever will. Currently, "made with AI" is a stigma, not a badge of honor and definitely not a sign of quality, except in very specific cases.
Text only | Text with Images