Blocking some site

[wetdryorhot]

Hello guys question how to block site using OPNsense? Im searching it also in the System then plugins and i tried to review some plugins in there but i notice there's no application or third party app. that can installed in OPNsense to block some site thank you. and one more is there an app to monitor? like what there are browsing or downloading like if there are using Torrent.

[hopper]

Hi, wetdryorhot

You can use your opnsense as primary dns for your network (for example unbound):
Look at the configuration section for unbound under "Overrides":

Try out host.toblock.tdl with the ip 0.0.0.0 or domaintoblock.tdl with 0.0.0.0 in the domain section (works like pihole).

[Amr]

You can use your opnsense as primary dns for your network (for example unbound):
Look at the configuration section for unbound under "Overrides":

That would work alright but kids will soon discover the joy of VPN. If you want a robust way to block websites for good I suggest you deploy a transparent filtering proxy, the downside of it is that you'll need to install a certificate on each pc but that's way easier than blocking every VPN IP on the firewall.

Or you can try IPS but personally haven't tried blocking VPN with IPS.

Ps:if you go the override way make sure to redirect all DNS queries to firewall and block other ports

[Amr]

and one more is there an app to monitor?

yeah that would be ntopng you see install the plugin and config it (see documentation) and then access it through the browser on whatever port you specified (ex:192.168.1.1:3000, 3000 is the default port)