Die Funktionen der Open Source Firewall OPNsense können durch zahlreiche Plugins erweitert werden.
Die folgende Tabelle zeigt die verfügbaren Plugins (Stand OPNsense Version 23.7):
| Plugin | Beschreibung |
|---|---|
| iperf | Connection speed tester |
| redis | Redis DB |
| debug | Debugging Tools |
| grid_example | A sample framework application |
| helloworld | A sample framework application |
| bind | BIND domain name service |
| ddclient | Dynamic DNS client |
| dnscrypt-proxy | Flexible DNS proxy supporting DNSCrypt and DoH |
| rfc2136 | RFC-2136 Support |
| qemu-guest-agent | QEMU Guest Agent for OPNsense |
| tftp | TFTP server |
| postfix | SMTP mail relay |
| rspamd | Protect your network from spam |
| theme-cicada | The cicada theme - dark grey onyx |
| theme-rebellion | A suitably dark theme |
| theme-tukan | The tukan theme - blue/white |
| theme-vicuna | The vicuna theme - blue sapphire |
| chrony | Chrony time synchronisation |
| firewall | Firewall API supplemental package |
| freeradius | RADIUS Authentication, Authorization and Accounting Server |
| frr | The FRRouting Protocol Suite |
| ftp-proxy | Control ftp-proxy processes |
| google-cloud-sdk | Google Cloud SDK |
| haproxy | Reliable, high performance TCP/HTTP load balancer |
| igmp-proxy | IGMP-Proxy Service |
| mdns-repeater | Proxy multicast DNS between networks |
| ntopng | Traffic Analysis and Flow Collection |
| radsecproxy | RADIUS proxy provides both RADIUS UDP and TCP/TLS (RadSec) transport |
| realtek-re | Realtek re(4) vendor driver |
| relayd | Relayd Load Balancer |
| shadowsocks | Secure socks5 proxy |
| siproxd | Siproxd is a proxy daemon for the SIP protocol |
| sslh | sslh configuration front-end |
| tayga | Tayga NAT64 |
| udpbroadcastrelay | Control ubpbroadcastrelay processes |
| upnp | Universal Plug and Play Service |
| vnstat | Network traffic monitor |
| wireguard | WireGuard VPN service kernel implementation |
| wireguard-go | WireGuard VPN service Go implementation (pending removal) |
| wol | Wake on LAN Service |
| zerotier | Virtual Networks That Just Work |
| collectd | Collect system and application performance metrics periodically |
| lldpd | LLDP allows you to know exactly on which port is a server |
| net-snmp | Net-SNMP is a daemon for the SNMP protocol |
| netdata | Real-time performance monitoring |
| nrpe | Execute nagios plugins |
| telegraf | Agent for collecting metrics and data |
| zabbix-agent | Zabbix monitoring agent |
| zabbix-proxy | Zabbix monitoring proxy |
| acme-client | ACME Client |
| clamav | Antivirus engine for detecting malicious threats |
| crowdsec | Lightweight and collaborative security engine |
| etpro-telemetry | ET Pro Telemetry Edition |
| intrusion-detection-content-et-open | IDS Proofpoint ET open ruleset complementary subset for ET Pro Telemetry edition |
| intrusion-detection-content-et-pro | IDS Proofpoint ET Pro ruleset (needs a valid subscription) |
| intrusion-detection-content-pt-open | IDS PT Research ruleset (only for non-commercial use) |
| intrusion-detection-content-snort-vrt | IDS Snort VRT ruleset (needs registration or subscription) |
| maltrail | Malicious traffic detection system |
| openconnect | OpenConnect Client |
| softether | Cross-platform Multi-protocol VPN Program (development only) |
| stunnel | Stunnel TLS proxy |
| tinc | Tinc VPN |
| tor | The Onion Router |
| wazuh-agent | Agent for the open source security platform Wazuh |
| apcupsd | APCUPSD - APC UPS daemon |
| api-backup | Provide the functionality to download the config.xml |
| apuled | PC Engine APU LED control (development only) |
| dmidecode | Display hardware information on the dashboard |
| git-backup | Track config changes using git |
| hw-probe | Collect hardware diagnostics |
| lcdproc-sdeclcd | LCDProc for SDEC LCD devices |
| mail-backup | Send configuration file backup by e-mail |
| munin-node | Munin monitoring agent |
| nextcloud-backup | Track config changes using NextCloud |
| node_exporter | Prometheus exporter for machine metrics |
| nut | Network UPS Tools |
| puppet-agent | Manage Puppet Agent |
| smart | SMART tools |
| virtualbox | VirtualBox guest additions |
| vmware | VMware tools |
| xen | Xen guest utilities |
| sunnyvalley | Vendor Repository for Zenarmor (a.k.a Sensei, Next Generation Firewall Extensions) |
| c-icap | c-icap connects the web proxy with a virus scanner |
| cache | Webserver cache |
| nginx | Nginx HTTP server and reverse proxy |
| web-proxy-sso | Kerberos authentication module |
 |
Autor: Werner Fischer Werner Fischer arbeitet im Product Management Team von Thomas-Krenn. Er evaluiert dabei neueste Technologien und teilt sein Wissen in Fachartikeln, bei Konferenzen und im Thomas-Krenn Wiki. Bereits 2005 - ein Jahr nach seinem Abschluss des Studiums zu Computer- und Mediensicherheit an der FH Hagenberg - heuerte er beim bayerischen Server-Hersteller an. Als Öffi-Fan nutzt er gerne Bus & Bahn und genießt seinen morgendlichen Spaziergang ins Büro.
|
wiki