OPNsense Forum

English Forums => General Discussion => Topic started by: derp on March 15, 2018, 03:52:21 pm

Title: getting started questions
Post by: derp on March 15, 2018, 03:52:21 pm
i am looking for a specific type of plug in for OPN

there is a possibility some of you might remember Outpost Firewall Created by Agnitum, there was a feature it had that i am looking for ( https://alternativeto.net/software/outpost-firewall-pro/ )

in this program you were able to watch traffic real time GUI with a line of data classified how and what you chose to show. the ability to right click on it, stop the flow, and choose what type of restrictions to implement into the firewall for that specific address, or general domain was an incredible volume more effective, faster, and efficient than a CLI table modification.

that type of interface and control is what i am looking for.

if anyone has a general name, classification, or maybe even a plug in i can look up and research i can get headed into the correct direction.

your help will be greatly appreciated. thank you.
Title: Re: getting started questions
Post by: derp on March 18, 2018, 02:17:24 am
(copy paste from Tacoma's accidentally threadjacked introduction)

i find it amazing mimugmail that the person with the shortest answer has the best answer by far.
i have looked into the Sophos UTM and yes, without downloading it it does seem to be what i am looking for.

i can not get a copy to play with for experimentation, and it looks like it is a standalone that will not play with sense OS

so what i have gotten out of this is that what i want is a UTM (unified threat management) plug in for opnsense

now, seeing as how this would be a total game changer and everyone would benefit from it, and everyone needs it
the #1) question is why do we not already have it
and 2)  what do we have to do in order to get it

in this post opnsense is listed as being a UTM comparable to sophos
http://www.overclock.net/forum/45-networking-security/1630935-once-you-go-utm-firewall-you-never-go-back.html

so this leads me to wonder if there is a plug in, or set of plugins available that i am not seeing

again after all this i want to keep a diligent focus on my end goal

i NEED to be able to watch traffic real time GUI with a line of data classified how and what you chose to show. the ability to right click on it, stop the flow, and choose what type of restrictions to implement into the firewall for that specific address, or general domain as an incredible volume more effective, faster, and efficient than a CLI table modification.

i am going to apologize to Tacoma for thread jacking his hello post and try to ask everyone helping to take this to

https://forum.opnsense.org/index.php?topic=7605.0
Title: Re: getting started questions
Post by: mimugmail on March 18, 2018, 06:57:49 am
The post doesn't state that it's comparable, also the author is writing he's evaluating Sophos, so he has no idea of it.

Don't expect this feature for OPN in the next 3-5 years. Sophos requires a Web Protection license for this feature. This means you have to pay around 1000-2000 EUR for a 3 year subscription depending on the hardware. With the home license you should be able to use it for free (up to 50 IPs).

Sophos uses a pgsql database to store this data, I don't think only for such a feature we'll introduce a huge db.

Perhaps ntop can fit half of your needs (just look at live traffic), but not the part with blocking or shaping depending on the stream you see.

Title: Re: getting started questions
Post by: fabian on March 18, 2018, 08:25:30 am
Quote from: mimugmail on March 18, 2018, 06:57:49 am
Sophos uses a pgsql database to store this data, I don't think only for such a feature we'll introduce a huge db.

Good idea: PostgreSQL on OPNsense ;)

Very likely a plugin that's very hard to write.
Title: Re: getting started questions
Post by: derp on March 19, 2018, 01:45:52 am
as for just viewing traffic wireshark does fairly ok-ish

but what good is a window for an admin if they can not do their job and control the flow?
as grateful as i am for the window it only makes me all the more furious that i can not work the data