Solution for high-frequency refresh of an Alias (IP table) from a URL.
I have a service which provides my own IP blacklist.
I want to fetch the IP blacklist every minute and automatically drop all connections from it under OPNsense.
I already have Spamhaus installed (with their alias).
To solve it, I need:
- an alias to make firewall rules
- a script to download my blacklist
- a new cron command available under OPNsense GUI
- a cron job
Go to Firewall > Aliases and add an Alias:
- Enabled : checked
- Name : MyOwnBlacklist
- Type : External (advanced)
- Description : Grab from my centralized service about blacklist ip
Create the script in /usr/home/ (or wherever you want): vi /usr/home/blacklist-update.sh
Add the content of the corresponding file below (don't forget to change the variables)
Set permissions: chmod 700 blacklist-update.sh
Create a .conf file in /usr/local/opnsense/service/conf/actions.d/ (the file name must start with "actions_"):
vi /usr/local/opnsense/service/conf/actions.d/actions_blacklist-update.conf
Add the content of the corresponding file below
Restart and reload (in the configctl call, the action must be the filename without the prefix "actions_"):
service configd restart
configctl blacklist-update reload
Go to System > Settings > Cron and add a Job.
Your cron command now appears in the Command dropdown.
Schedule the cron job as you like...
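
One way to write the download script so that a failed, empty or malformed response from the service cannot empty the table or load an over-broad network into it. This is an added example, not the author's blacklist-update.sh: the URL is a placeholder, and the `run` argument, `MIN_PREFIX` and `MAX_ENTRIES` are assumptions of this example. It uses FreeBSD's fetch and pfctl to replace the contents of the MyOwnBlacklist table.

```shell
#!/bin/sh
# Added example: not the gist's own blacklist-update.sh.
BLACKLIST_URL="https://blacklist.example.invalid/ips.txt"  # placeholder: your service
TABLE="MyOwnBlacklist"   # alias name from the steps above
MIN_PREFIX=8             # assumption: reject networks broader than /8
MAX_ENTRIES=100000       # assumption: upper bound on accepted entries

# Read candidate entries on stdin; print unique, well-formed IPv4 hosts/CIDRs.
filter_blacklist() {
    tr -d '\r' | awk -v minp="$MIN_PREFIX" -v max="$MAX_ENTRIES" '
    {
        sub(/[#;].*/, "")                  # drop comments
        gsub(/^[ \t]+|[ \t]+$/, "")        # trim whitespace
        if ($0 == "") next
        n = split($0, part, "/")
        if (n > 2 || split(part[1], o, ".") != 4) next
        for (i = 1; i <= 4; i++)           # each octet: no leading zeros, 0..255
            if (o[i] !~ /^(0|[1-9][0-9]?[0-9]?)$/ || o[i] + 0 > 255) next
        if (n == 2 && (part[2] !~ /^[0-9]+$/ || part[2] + 0 < minp || part[2] + 0 > 32)) next
        if (seen[$0]++) next               # skip duplicates
        if (++count > max) exit            # cap table growth
        print
    }'
}

# Download, validate, then swap the pf table contents in one pfctl call.
update_table() {
    raw=$(mktemp /tmp/blacklist.raw.XXXXXX) || return 1
    clean=$(mktemp /tmp/blacklist.clean.XXXXXX) || { rm -f "$raw"; return 1; }
    rc=0
    if ! fetch -q -T 20 -o "$raw" "$BLACKLIST_URL"; then
        echo "download failed, table left unchanged" >&2; rc=1
    elif filter_blacklist < "$raw" > "$clean"; [ ! -s "$clean" ]; then
        echo "no valid entries, table left unchanged" >&2; rc=1
    else
        pfctl -t "$TABLE" -T replace -f "$clean" || rc=1
    fi
    rm -f "$raw" "$clean"
    return $rc
}

# Only touch the network and pf when invoked as: blacklist-update.sh run
if [ "${1:-}" = "run" ]; then update_table; fi
```

With this layout the configd action has to call the script with the `run` argument; without it the file only defines its functions.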
Thanks for this. I had to drop in a DDNS update since neither DDNS plugin works. They should just have a way to add a one-liner and/or a script from the interface that can be captured in the config.xml.