OPNsense Forum

English Forums => General Discussion => Topic started by: Atilio on April 10, 2017, 05:21:20 am

Title: Layer 7 interrogation
Post by: Atilio on April 10, 2017, 05:21:20 am
Hi there,
I'm a new user of OPNsense. I think it's a great product. I'm using it on a dedicated i5 with 3 NICs.
However, I'm comparing it with pfSense and I don't see any Layer 7 capability. I want to block P2P as an example.
Can someone please advise if this is possible with any of the IDS modules or something I'm missing here in firewall policies?

Cheers,

At.
Title: Re: Layer 7 interrogation
Post by: fabian on April 10, 2017, 09:08:58 am
Under Services you will find the configuration for IDS and IPS. There you can configure Suricata for use cases like this, but it may not work, as some protocols are heavily obfuscated to trick IPS systems and firewalls. The best thing you can do is to use a strongly restricted ruleset.
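
Added example, not part of the forum thread and not OPNsense or Suricata code: a small Python model of the two controls mentioned in the reply above, a payload signature on the plaintext BitTorrent handshake and a default-deny egress policy. The port list, flow names and payload bytes are constructed assumptions.

```python
import hashlib

# Plaintext BitTorrent handshake prefix: length byte 19 + protocol string.
BT_HANDSHAKE = b"\x13BitTorrent protocol"

# Hypothetical restricted egress policy (assumption): only these services may leave the LAN.
ALLOWED_EGRESS = {("tcp", 80), ("tcp", 443), ("udp", 53), ("udp", 123)}


def signature_hit(payload: bytes) -> bool:
    """What an IDS/IPS content match on the handshake would see."""
    return payload.startswith(BT_HANDSHAKE)


def verdict(flow: dict, restricted: bool) -> str:
    """Decide a flow's fate with IPS signatures, plus default deny if restricted."""
    if signature_hit(flow["payload"]):
        return "drop: ips signature"
    if restricted and (flow["proto"], flow["dst_port"]) not in ALLOWED_EGRESS:
        return "drop: default deny"
    return "pass"


def sample_flows() -> dict:
    """Constructed flows; payload bytes are synthetic, not captured traffic."""
    handshake = BT_HANDSHAKE + bytes(8) + bytes(20) + b"-XX0001-" + bytes(12)
    # Stand-in for an obfuscated handshake: no fixed byte pattern to match on.
    opaque = hashlib.sha256(b"constructed sample").digest() * 2
    return {
        "plain_p2p": {"proto": "tcp", "dst_port": 6881, "payload": handshake},
        "obfuscated_p2p": {"proto": "tcp", "dst_port": 51413, "payload": opaque},
        "web_tls": {"proto": "tcp", "dst_port": 443, "payload": b"\x16\x03\x01\x02\x00"},
    }


def evaluate(restricted: bool) -> dict:
    """Verdict per sample flow, with or without the restricted ruleset."""
    return {name: verdict(f, restricted) for name, f in sample_flows().items()}


if __name__ == "__main__":
    for mode in (False, True):
        print("restricted ruleset:", mode, evaluate(mode))
```

With signatures alone the opaque flow passes; with the restricted ruleset it is dropped because its destination port is not an allowed service, regardless of payload.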