ADD OPNSense MCP Server #2086

Closed
wants to merge 3 commits into from

@vespo92 vespo92 commented Jun 12, 2025

Add OPNsense MCP Server

Description

Adds OPNsense MCP server to enable firewall and network management through LLM interfaces with Infrastructure as Code capabilities.

Server Details

Server: https://github.com/vespo92/OPNSenseMCP

Motivation and Context

This MCP server enables LLMs to interact with OPNsense firewalls, allowing users to manage their network infrastructure through natural language. Users can:

  • Create and manage VLANs and network interfaces
  • Configure firewall rules with intelligent templates
  • Manage DNS blocklists for content filtering
  • Search and identify devices on the network
  • Deploy network configurations as Infrastructure as Code
  • Backup and restore firewall configurations

The server provides a secure, API-based integration that makes network administration more accessible while maintaining security best practices. It's designed as part of a larger vision for AI-assisted home infrastructure automation.

How Has This Been Tested?

✅ Tested with Claude Desktop on Windows 10/11, macOS, and Linux
✅ Verified with OPNsense 24.x versions
✅ Tested all core functions: VLAN management, firewall rules, DNS blocking, device discovery
✅ Infrastructure as Code deployment tested with complex network scenarios
✅ Connection test scripts included (npm run test:api)
✅ Error handling tested with invalid credentials, network failures, and resource conflicts
✅ Performance tested with Redis and PostgreSQL caching layers
✅ Production use in home network environment for 3+ months

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Protocol Documentation
  • My changes follow MCP security best practices
  • I have updated the server's README accordingly
  • I have tested this with an LLM client
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have documented all environment variables and configuration options

Additional Information

Key Features

  • Network Management: VLAN creation, interface configuration, DHCP lease monitoring
  • Firewall Control: Rule management with presets for common scenarios
  • DNS Security: Domain blocking with category-based filters
  • IaC Support: Declarative network configuration with state tracking
  • Caching: Optional Redis/PostgreSQL integration for performance
  • TypeScript: Fully typed implementation with comprehensive error handling

Security Considerations

  • No hardcoded credentials - all configuration via environment variables
  • API key/secret authentication required
  • SSL/TLS support with certificate validation options
  • Input validation on all operations
  • Sanitized error messages to prevent information leakage

Future Roadmap

This server is the foundation for a larger ecosystem of home infrastructure MCP servers, with planned integrations for:

  • Docker/Kubernetes (container orchestration)
  • TrueNAS (storage management)
  • Unified IaC orchestrator across all services

Example Usage

// In Claude Desktop
"Create a guest VLAN on interface igc3 with tag 10"
"Block all social media sites on my network"
"Show me all devices connected to the IoT network"
"Set up firewall rules for a Minecraft server"

What it does:

  • Provides programmatic control over OPNsense firewalls
  • Enables Infrastructure as Code for network management
  • Integrates with Claude Desktop for AI-assisted network configuration

Key Features:

  • VLAN and interface management
  • Firewall rule configuration
  • DNS blocklist management
  • State tracking and rollback
  • Configuration backup/restore

@olaservo olaservo added the add-community-server label Jun 13, 2025
@vespo92 vespo92 closed this Jun 17, 2025
@vespo92 vespo92 reopened this Jun 17, 2025
@olaservo (Member)

Thanks for your contribution to the servers list. This has been merged in this combined PR: #2143

This is a new process we're trying out, so if you see any issues feel free to re-open the PR and tag me.

@olaservo olaservo closed this Jun 19, 2025