mirror of https://github.com/opnsense/plugins.git synced 2026-02-03 20:40:37 -05:00

History

Franco Fichtner b4ae3dc4da security/q-feeds-connector: style		2026-01-20 12:55:38 +01:00
..
src	security/q-feeds-connector: plugin style	2026-01-19 04:32:54 +01:00
+POST_INSTALL.post	security/q-feeds-connector - add initial version (ref: https://forum.opnsense.org/index.php?topic=49123.0 )	2025-10-11 09:07:04 +02:00
Makefile	plugins: PLUGIN_TIER last so it's not confused with PLUGIN_REVISION	2026-01-19 05:33:35 +01:00
pkg-descr	security/q-feeds-connector: style	2026-01-20 12:55:38 +01:00
README.md	security/q-feeds-connector - add initial version (ref: https://forum.opnsense.org/index.php?topic=49123.0 )	2025-10-11 09:07:04 +02:00

README.md

plugin to connect to QFeeds threat platform

command line control

Settings are persisted in /usr/local/etc/qfeeds.conf, using the following format:

[api]
key=tip_xxxxxxxx

Our commandline tool contains all actions used by the UI, which is practical for debuggging.

usage: qfeedsctl.py [-h] [--target_dir TARGET_DIR] [-f] [-v] [{fetch_index,fetch,show_index,firewall_load,update,stats} ...]

positional arguments:
  {fetch_index,fetch,show_index,firewall_load,update,stats}

options:
  -h, --help            show this help message and exit
  --target_dir TARGET_DIR
  -f                    forced (auto index)
  -v                    verbose output

The index is the driver for most actions, which is a json encoded file in /var/db/qfeeds-tables/index.json.

Actions supported:

fetch_index --> download the index file
fetch --> download the lists
firewall_load --> collect ip lists into pre-defined firewall tables
update [sleep when almost time] --> run fetch_index --> fetch --> firewall_load (to be used by cron)
show_index --> dumps the index
stats --> dumps feed information
logs --> dumps firewall log information for aliases offered by Q-Feeds

Example usage:

/usr/local/opnsense/scripts/qfeeds/qfeedsctl.py update

Fetch index and update lists when updated remotely