OPNsense Forum

English Forums => General Discussion => Topic started by: dgingeri on December 29, 2016, 08:56:13 pm

Title: Malware source filtering?
Post by: dgingeri on December 29, 2016, 08:56:13 pm
Hello, I'm new to OPNsense, but I've been using pfSense for several years now. I just wanted to ask about possible features on this router software.

For the past two years, I've been looking for a way to use the firewall feature of pfSense to block known sources of malware, particularly botnets, password stealers, and other nasty stuff, from a web-based reference table that could be downloaded by the router automatically weekly to monthly. Now I've found OPNsense, and I'm wondering if this is something that might be possible. It looks like OPNsense might have a better ability to do this, as it has more of a business market aim.
Title: Re: Malware source filtering?
Post by: fabian on December 29, 2016, 09:26:06 pm
I have no idea what your list looks like, but if it is a list of URLs where the malware is downloaded, you can import the list into the proxy using a remote blacklist. If it is a set of IP addresses, an alias may work.

EDIT:
If you use the proxy, you can also scan the content using an anti-malware engine via ICAP.
Title: Re: Malware source filtering?
Post by: dgingeri on December 29, 2016, 09:37:05 pm
Thanks.  That sounds helpful. 

I was thinking of the idea of selling devices or VMs on servers loaded with OPNsense to small businesses and rich home users configured to download the list, either by IP or by URL, from a website, either through a downloaded file or through an HTTP data download directly, managed by me for a small maintenance fee or with a maintenance agreement.

I would prefer to not have it be a triggered event, as that would get annoying to stay up late at night to trigger all my customers' routers to update manually.