TL; DR: Is it possible (and if so, desirable) to configure my OPNsense router to handle non-standard traffic instead of needing to configure each client device manually? Examples of what I mean by ‘non-standard traffic’ include Handshake, I2P, ZeroNet, and Tor.

  • fenndev@leminal.spaceOPEnglish
    1·
    3 months ago

    Sorry, I should clarify. I’m hoping to possibly have a setup like this:

    1. Browser makes a request to an eepsite
    2. The router sees the request is to a domain ending in .i2p and forwards the request to a service running on the router
    3. That service then performs the necessary encryption and establishes connection with the I2P network.

    I’d imagine it’s a similar process for other protocols and networks. No idea if this is possible or desirable.

    • ShellMonkey@lemmy.socdojo.comEnglish
      2·
      3 months ago

      https://www.grepular.com/Transparent_Access_to_I2P_eepSites

      Something like this makes logical sense, but can’t say I’ve ever tried such a feat. As a general rule though keeping the gateway/firewall free of extraneous software is a good practice just to limit the potential attack surface. If you try it I’d create a dedicated VM somewhere to host the i2p/Tor gateway from to keep it off the network edge directly.