Die Funktionen der Open Source Firewall OPNsense können durch zahlreiche Plugins erweitert werden.
Die folgende Tabelle zeigt die verfügbaren Plugins (Stand OPNsense Version 23.7):
Plugin | Beschreibung |
---|---|
iperf | Connection speed tester |
redis | Redis DB |
debug | Debugging Tools |
grid_example | A sample framework application |
helloworld | A sample framework application |
bind | BIND domain name service |
ddclient | Dynamic DNS client |
dnscrypt-proxy | Flexible DNS proxy supporting DNSCrypt and DoH |
rfc2136 | RFC-2136 Support |
qemu-guest-agent | QEMU Guest Agent for OPNsense |
tftp | TFTP server |
postfix | SMTP mail relay |
rspamd | Protect your network from spam |
theme-cicada | The cicada theme - dark grey onyx |
theme-rebellion | A suitably dark theme |
theme-tukan | The tukan theme - blue/white |
theme-vicuna | The vicuna theme - blue sapphire |
chrony | Chrony time synchronisation |
firewall | Firewall API supplemental package |
freeradius | RADIUS Authentication, Authorization and Accounting Server |
frr | The FRRouting Protocol Suite |
ftp-proxy | Control ftp-proxy processes |
google-cloud-sdk | Google Cloud SDK |
haproxy | Reliable, high performance TCP/HTTP load balancer |
igmp-proxy | IGMP-Proxy Service |
mdns-repeater | Proxy multicast DNS between networks |
ntopng | Traffic Analysis and Flow Collection |
radsecproxy | RADIUS proxy provides both RADIUS UDP and TCP/TLS (RadSec) transport |
realtek-re | Realtek re(4) vendor driver |
relayd | Relayd Load Balancer |
shadowsocks | Secure socks5 proxy |
siproxd | Siproxd is a proxy daemon for the SIP protocol |
sslh | sslh configuration front-end |
tayga | Tayga NAT64 |
udpbroadcastrelay | Control ubpbroadcastrelay processes |
upnp | Universal Plug and Play Service |
vnstat | Network traffic monitor |
wireguard | WireGuard VPN service kernel implementation |
wireguard-go | WireGuard VPN service Go implementation (pending removal) |
wol | Wake on LAN Service |
zerotier | Virtual Networks That Just Work |
collectd | Collect system and application performance metrics periodically |
lldpd | LLDP allows you to know exactly on which port is a server |
net-snmp | Net-SNMP is a daemon for the SNMP protocol |
netdata | Real-time performance monitoring |
nrpe | Execute nagios plugins |
telegraf | Agent for collecting metrics and data |
zabbix-agent | Zabbix monitoring agent |
zabbix-proxy | Zabbix monitoring proxy |
acme-client | ACME Client |
clamav | Antivirus engine for detecting malicious threats |
crowdsec | Lightweight and collaborative security engine |
etpro-telemetry | ET Pro Telemetry Edition |
intrusion-detection-content-et-open | IDS Proofpoint ET open ruleset complementary subset for ET Pro Telemetry edition |
intrusion-detection-content-et-pro | IDS Proofpoint ET Pro ruleset (needs a valid subscription) |
intrusion-detection-content-pt-open | IDS PT Research ruleset (only for non-commercial use) |
intrusion-detection-content-snort-vrt | IDS Snort VRT ruleset (needs registration or subscription) |
maltrail | Malicious traffic detection system |
openconnect | OpenConnect Client |
softether | Cross-platform Multi-protocol VPN Program (development only) |
stunnel | Stunnel TLS proxy |
tinc | Tinc VPN |
tor | The Onion Router |
wazuh-agent | Agent for the open source security platform Wazuh |
apcupsd | APCUPSD - APC UPS daemon |
api-backup | Provide the functionality to download the config.xml |
apuled | PC Engine APU LED control (development only) |
dmidecode | Display hardware information on the dashboard |
git-backup | Track config changes using git |
hw-probe | Collect hardware diagnostics |
lcdproc-sdeclcd | LCDProc for SDEC LCD devices |
mail-backup | Send configuration file backup by e-mail |
munin-node | Munin monitoring agent |
nextcloud-backup | Track config changes using NextCloud |
node_exporter | Prometheus exporter for machine metrics |
nut | Network UPS Tools |
puppet-agent | Manage Puppet Agent |
smart | SMART tools |
virtualbox | VirtualBox guest additions |
vmware | VMware tools |
xen | Xen guest utilities |
sunnyvalley | Vendor Repository for Zenarmor (a.k.a Sensei, Next Generation Firewall Extensions) |
c-icap | c-icap connects the web proxy with a virus scanner |
cache | Webserver cache |
nginx | Nginx HTTP server and reverse proxy |
web-proxy-sso | Kerberos authentication module |
Autor: Werner Fischer Werner Fischer arbeitet im Product Management Team von Thomas-Krenn. Er evaluiert dabei neueste Technologien und teilt sein Wissen in Fachartikeln, bei Konferenzen und im Thomas-Krenn Wiki. Bereits 2005 - ein Jahr nach seinem Abschluss des Studiums zu Computer- und Mediensicherheit an der FH Hagenberg - heuerte er beim bayerischen Server-Hersteller an. Als Öffi-Fan nutzt er gerne Bus & Bahn und genießt seinen morgendlichen Spaziergang ins Büro.
|