OPNsense Forum » Archive » 20.1 Legacy Series » Custom rule scripts
Topic: Custom rule scripts (Read 3029 times)

Cyda (Newbie, Posts: 5, Karma: 0)
Custom rule scripts « on: April 10, 2020, 09:21:12 pm »
I am very new to OPNsense and networking in general.
I am trying to figure out how to implement custom scripts to run once a day. I want them to automatically read specified publicly maintained DNS/IP blacklists and update my firewall rules to block new items on said lists. Would something like this even be possible with OPNsense?

hbc (Hero Member, Posts: 501, Karma: 47)
Re: Custom rule scripts « Reply #1 on: April 10, 2020, 09:38:03 pm »
Just read the docs/manual. There is an example with the Spamhaus blocklist.
https://docs.opnsense.org/manual/how-tos/edrop.html
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR

Cyda (Newbie, Posts: 5, Karma: 0)
Re: Custom rule scripts « Reply #2 on: April 10, 2020, 09:48:50 pm »
Thank you. That is very helpful. Will this work with other blacklists?
I was hoping to be able to write my own custom scripts to do this. For example, compiling a list of DNS/IPs from multiple blacklists and updating the firewall rules from that compiled list. At its base it would be like setting up this same thing but hosting my own list. Is it possible to use this feature in such a way?

hbc (Hero Member, Posts: 501, Karma: 47)
Re: Custom rule scripts « Reply #3 on: April 10, 2020, 10:08:08 pm »
Sure, you can create your own lists, but to be honest: why do the work twice and care for updates?
There are so many blacklists, even lists that already implement various lists. Just use those.
A good starting point is:
http://iplists.firehol.org/

Cyda (Newbie, Posts: 5, Karma: 0)
Re: Custom rule scripts « Reply #4 on: April 10, 2020, 10:23:38 pm »
I know it is doing extra work; I am doing it for a university research project. I just need to be able to do it with a few lists for now as a proof of concept. I will be looking at that link after a meeting I have.
Thank you for helping me.

Cyda (Newbie, Posts: 5, Karma: 0)
Re: Custom rule scripts « Reply #5 on: April 11, 2020, 04:40:56 am »
Would it be possible to have a script that pulls from lists and uploads them to GitHub, then have the alias source be that GitHub?

cmdr.adama (Jr. Member, Posts: 61, Karma: 3)
Re: Custom rule scripts « Reply #6 on: April 11, 2020, 06:26:13 am »
Can't see why not. It just pulls from an external list, so if you wanted to do up a script to compile your own list then I can't see why it wouldn't work. I do agree with hbc; I just implement the existing public lists, though I have been starting to generate my own from other IPs that I can see have been hitting IPS.

Cyda (Newbie, Posts: 5, Karma: 0)
Re: Custom rule scripts « Reply #7 on: April 11, 2020, 07:39:47 am »
Yeah. Like I said, this is for a university research project.
I think I basically understand what I need to do. Script pulls lists together into one and puts it on GitHub, then use an alias with URL table using the URL to the GitHub. If I am understanding it right, that should be all there is to it.

hbc (Hero Member, Posts: 501, Karma: 47)
Re: Custom rule scripts « Reply #8 on: April 12, 2020, 10:42:42 pm »
There is really no magic in hosting blacklists on GitHub. There even exist lists hosted on GitHub like this DoH blacklist:
https://github.com/oneoffdallas/dohservers?files=1
You just have to take care that you use the RAW link as source for your URL table alias.
E.g.:
https://raw.githubusercontent.com/oneoffdallas/dohservers/master/iplist.txt
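
The merge step discussed in this thread, as an added example that is not from any poster and is not OPNsense code: it parses several blocklist texts, rejects malformed entries and anything overlapping a never-block set, and collapses the rest into one list that could be published at a raw URL for a URL table alias. The feed contents, the `NEVER_BLOCK` values and the function names are assumptions made for illustration; the never-block check is an added safeguard against a broken or tampered upstream list, not something the thread describes.

```python
import ipaddress

# Assumed example values: networks that must never land in a block alias.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample feeds (documentation address ranges, made-up SBL ids).
FEED_A = "; DROP-style sample\n192.0.2.0/24 ; SBL000000\n198.51.100.7 ; SBL000001\n"
FEED_B = ("# plain-list sample\n192.0.2.128/25\n203.0.113.0/25\n203.0.113.128/25\n"
          "10.0.0.0/8\n0.0.0.0/0\nnot-an-ip\n2001:db8::/32\n")

def parse_feed(text):
    """Return (networks, rejected_entries) for one blocklist text."""
    nets, rejected = [], []
    for raw in text.splitlines():
        # Drop '#' and ';' comments, then surrounding whitespace.
        entry = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append(entry)          # not an address or CIDR
            continue
        # A feed entry covering a protected network (e.g. 0.0.0.0/0) is refused.
        if any(net.version == s.version and net.overlaps(s) for s in NEVER_BLOCK):
            rejected.append(entry)
            continue
        nets.append(net)
    return nets, rejected

def merge_feeds(feeds):
    """Merge feeds into a sorted, de-duplicated, collapsed list of CIDR strings."""
    nets, rejected = [], []
    for text in feeds:
        parsed, bad = parse_feed(text)
        nets += parsed
        rejected += bad
    merged = []
    for version in (4, 6):                  # collapse_addresses needs one IP version
        merged += ipaddress.collapse_addresses(n for n in nets if n.version == version)
    return [str(n) for n in merged], rejected

if __name__ == "__main__":
    merged, rejected = merge_feeds([FEED_A, FEED_B])
    print("\n".join(merged))                # text to publish at the raw URL
    print("rejected:", rejected)
```

Logging the rejected entries on each daily run makes it visible when an upstream list changes format or starts carrying ranges that would cut off local networks.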