TL; DR: Is it possible (and if so, desirable) to configure my OPNsense router to handle non-standard traffic instead of needing to configure each client device manually? Examples of what I mean by ‘non-standard traffic’ include Handshake, I2P, ZeroNet, and Tor.

  • MangoPenguin@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    6 months ago

    You mean run those programs directly on opnsense? I don’t believe there is any way to do that.

    No configuration is needed on opnsense to use them as normal on your devices though, so that’s your best option.

  • Monkey With A Shell@lemmy.socdojo.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    6 months ago

    Not sure if you mean to run the service on the FW or what ‘handle’ means here. If you have a second box though it would be easy enough to run all those services on a distinct server and then route their relevant ports through there with a policy based route on the firewall. That way you would only have to set up one for node for example and just have the client machines use that.

    • fenndevOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      Sorry, I should clarify. I’m hoping to possibly have a setup like this:

      1. Browser makes a request to an eepsite
      2. The router sees the request is to a domain ending in .i2p and forwards the request to a service running on the router
      3. That service then performs the necessary encryption and establishes connection with the I2P network.

      I’d imagine it’s a similar process for other protocols and networks. No idea if this is possible or desirable.

  • Matt The Horwood@lemmy.horwood.cloud
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    If your looking to allow that kind of traffic in and out of opensense, then yes if you use it. Just be mindful of what you need and only allow that in, outbound is normally everything.