Suggestion for NGFW features

Hi,
I would like to make my OpenWrt box an NGFW firewall.
I need a web URL filter (not a DNS filter), an IPS/IDS system, and deep packet inspection, and to combine them with anti-virus (like ClamAV) at least.
I can't install Squid or SquidGuard in version 23. What's the best alternative to that? I need them to do SSL inspection and web filtering.
Do you guys have any suggestions or thoughts on building an NGFW based on OpenWrt?

Do you have a Public SSL Certificate [illegally] issued to you for a wildcard on the root zone - to install on a DPI device?

If not, see:

Or are you doing this on a test network (that only you use and control) - purely for educational purposes?

Lastly - I assume you're aware that you cannot magically decrypt secure web traffic, correct?

I think there is no way around Squid for this. If you run x86 you could use a Debian chroot to install required packages, or run the required services as Docker containers.

For my homelab network, just want to have an NGFW without paying anything.