Please update the Default DNS Blocklists and Intrusion Detection (Suricata Rules)

Started by Armani, Today at 03:09:08 AM

Dear OPNsense Team,

I would like to suggest a more frequent update cycle for the default blocklists available in the system, specifically in the Services: Intrusion Detection (Suricata Rules) and Services: Unbound DNS: Blocklists sections.

Please verify and maintain the default list sets in the Services: Intrusion Detection and Services: Unbound DNS: Blocklists sections.

The problem is that in the current configuration, some links to sources are inactive (the lists have been removed by their authors), and some new expected lists are missing from the default OPNsense packages/configuration.

For example, the Unbound DNS: Blocklists ruleset lacks lists of the most abused top-level domains (TLDs), Normal and Aggressive. The same applies to Suricata, as the collection lists are not up to date.

Please ensure that these lists are regularly updated and supplemented to ensure all default lists are up-to-date, accessible, and functional. Including more comprehensive and regularly updated community lists would significantly improve the default security level of OPNsense installations.

The current infrastructure for downloading these lists is excellent; this request only concerns updating the default sources.

Thank you for considering this enhancement.