Looking for testers Q-Feeds plugin

[Q-Feeds]

I would also be interested, when you need more testers.
Best regards,
  Marcus

The more input, the better!
We're especially interested to hear from all of you about:

• The user flow
• The widget (how it behaves and feels in practice)
• The results you're seeing
• And of course, the Q-Feeds TIP
  

Your feedback is incredibly valuable and will help us improve the overall experience.

[Enigm69]

Can you add me to your testers list as well.

Thanks

[Q-Feeds]

Can you add me to your testers list as well.

Thanks

Done, looking forward to hearing your findings!

[SteffenDE]

It would be nice to see the update date of the alias list, then you could also see if the list doesn't update for whatever reason.

Or at the services view should some more info's like the web dashboard.

Otherwise it works for now and setup is easy and unproblematic.

[gtwop]

Followed installation guide, each step functioned properly.

Upon completion the Firewall/Aliases was populated under Name: __qfeeds_malware_ip.

System/Firmware/Status shows a warning: "Resolve plugin conflicts" with two drop downs.

(1) "View and edit local conflicts" under Name: os-q-feeds-connector (misconfigured),
Repository: unknown-repository.

(2) "Reset all local conflicts" after choosing: ***GOT REQUEST TO RESYNC***
Currently running OPNsense 25.7.4 (amd64) at Fri Oct  3 07:35:54 EDT 2025
Registering plugin: os-q-feeds-connector
***DONE***

But the warning remains, also ran an audit system came up normal no errors.

Other than that the plugin works well.

[Monviech (Cedrik)]

That warning is normal until the plugin is available in the opnsense repository.

[dmurphy]

I'd be interested in trying the Q-Feeds plugin as well, if there's still room.

Not doing much publicly but to protect my home LAN and some small services.

Thanks!

[llama6668]

Hi Stefan,
Also interested in testing your product, currently I use ZA (home version).
Regards,
Craig

[Lurick]

I'm interested as well, currently using ZA myself

Regards,
-Brian

[Q-Feeds]

Thanks Brian and Craig. I've send you the instructions via a PM. Looking forward to hear your feedback!

[Lurick]

Thanks Brian and Craig. I've send you the instructions via a PM. Looking forward to hear your feedback!

So far it's been easy to setup, having a checkbox in settings to auto add rules might be nice moving forward but not super difficult to add a couple floating rules either. I also did end up getting a few errors and I only see a single alias/feed in the rules to select but I show three lists in the GUI for the plugin:

downloaded index to /var/db/qfeeds-tables/index.json
skipped /var/db/qfeeds-tables/malware_ip.txt [2025-10-04T11:47:47Z]
exit with HTTPError 429 (Rate limit exceeded. Please try again later.)

[Q-Feeds]

Thanks Brian and Craig. I've send you the instructions via a PM. Looking forward to hear your feedback!

So far it's been easy to setup, having a checkbox in settings to auto add rules might be nice moving forward but not super difficult to add a couple floating rules either. I also did end up getting a few errors and I only see a single alias/feed in the rules to select but I show three lists in the GUI for the plugin:

downloaded index to /var/db/qfeeds-tables/index.json
skipped /var/db/qfeeds-tables/malware_ip.txt [2025-10-04T11:47:47Z]
exit with HTTPError 429 (Rate limit exceeded. Please try again later.)

Hi Brian,

Thank you for your feedback. I think that's a great idea for our roadmap, we've added it right away. The domains and URLs are still to be implemented within the plugin but indeed they do already show up within the available feeds table. The DNS and URL feeds is the next big feature to be fully supported on our roadmap, we do expect this soon. We already do have possibilities to implement this using pi-hole or adguard f.e. if you're interested I can share the instructions for this workaround for now.

The errors you're seeing are actually expected. It means the plugin skipped the download of the new feed due to the rate limit related to the license. Community users are eligible for an update every 7 days, Plus users every 4 hours and Premium users every 20 minutes. If an update is triggered twice within those timeframes the plugin will show these 'errors'. Here's an overview of the available licenses: https://qfeeds.com/opnsense/

Best regards,

Stefan

[dan786]

I'm interested in trying it . Does it use the logs in any form for how it works ?

[Q-Feeds]

I'm interested in trying it . Does it use the logs in any form for how it works ?

Thank you very much that you're willing to test it, already looking forward to your feedback. It will use aliases so you can define the firewall rules and link the alias with the firewall rule to block it based on our intelligence. I'll send you the instructions via a PM.

[passeri]

My context is a home user who still runs their own mail server as a residue from my business server before I retired. Could be called "knows some stuff, definitely not a network engineer". Currently I run free Crowdsec to not much effect.

Looking at your web page I see that your first window describes the mid-tier as adding "Commercial IP data" but in the table further down the page the "Paid" row excludes IP as well as the DNS and URL. Is Paid = Commercial, just inconsistent naming? If so, is that an error, if not then what are the definitions please?

Otherwise the differences are IoC lookup and update time. Given that sooner or later everything is an IP address, URL, what is actually meant by separating "Commercial" from "OSINT" and "Services"?

I have also read the manual and would like to try it, if you have room for another tester. Initially I would install it on an internal Opnsense where it would check what goes out from the protected component of our network, and if all goes well then try it for both directions on the edge, adding the other two subnets (IoT & DMZ) progressively.