Blog
Back to articles
Technical Articles

ELLIO for IP blocking on OPNsense

ELLIO Icon
ELLIO Team
|3 min read

A practical guide how to quickly set up IP blocking on OPNsense firewall by using advanced ELLIO IP blocklists for filtering active malicious IP addresses.

Hero image

Discover how to quickly set up IP filtering on OPNsense firewall and why ELLIO’s advanced IP blocklists are a smart choice for effectively filtering active malicious IP addresses. This tutorial shows you how to set up an external IP blocklist in just a few minutes.

You’ll find in this article:

  • What is ELLIO: Threat List MAX and why use it for OPNsense.
  • 10-step installation tutorial for setting up an IP blacklist on OPNsense.
  • How to get a free trial to test ELLIO: Threat List MAX.
  • Access the ELLIO free community IP blocklist.

Why use ELLIO for IP blocking on OPNsense.

ELLIO offers the most comprehensive, swift, and advanced external IP blocklist on the market today. While other providers update their lists every hour or 15 minutes, ELLIO refreshes its lists every 1 to 5 minutes, based on your subscription. On average, ELLIO updates over 10% of its IP addresses daily and adds 98 new threats every 5 minutes. (See the current status and live data in the ELLIO Platform under Threat Lists section).

ELLIO: Threat List MAX is available in formats compatible with OPNsense and other platforms, including pfSense, Fortinet, Palo Alto Networks, Check Point, F5, Cisco, ntopng, and more.

Hold off attackers before detections are available.

ELLIO IP blocklists protect your network from the latest malicious IPs, mass exploitation, and disruptive bots. They also act as a buffer, blocking attackers immediately and giving security teams time to detect and patch new vulnerabilities before they affect your network.

ELLIO offers following blocklists:

  • ELLIO: Threat List MAX: Ultimate IP blocking at the firewall level Covering 175,000 to 400,000 entities with updates every minute, easily compatible with Chek Point and other next-gen firewalls. Along with the ELLIO: Threat List, you also gain access to the ELLIO Blocklist Management Platform for managing all blocklists across firewall vendors.

How to set up an external IP blocklist on OPNsense.

Part 1: Configure Alias in OPNsense

Step 1: To use ELLIO: Threat List (or other external IP blocklists) on OPNsense, you need to create a new alias. First, click on Firewall >> Aliases.

How to configure Alias in OPNsense firewall.

Step 2: In the Aliases section, click on the red plus-sign button.

Alias configuration in open-source firewall OPNsense.

Step 3: Use a descriptive name, like ellio.tech, and select URL Table (IPs) from the dropdown menu.

How to set up an external IP blocklist on OPNsense using useful installation guide by ELLIO.

Step 4: Set the Refresh Frequency to 1 hour, then paste the URL from our portal into the Content field. Click the Save button to apply the changes.

How to set up freaquency for IP blocking on OPNsense firewall.

Step 5: After a few seconds, the Loaded# and Last Updated fields will populate with information, confirming that the setup is working as intended.

Step 5 of the Installation Guide: How to Allow an External IP Blocklist on the OPNsense Firewall.

Part 2: Configure firewall in OPNsense

Step 6: To set up a blocking rule on the firewall, navigate to Firewall -> Rules -> WAN (ignore LAN screenshots).

How to set up a IP blocking rule on the OPNsense firewall.

Step 7: Click the red plus sign to add a new rule.

How to configure firewall in OPNsense and set up IP blocking on OPNsesnse.

Step 8: Set the Action to Block or Reject. For the Source, select the alias created in the previous step from the dropdown list.

How configurate ELLIO IP blocklist on OPNsense.

Step 9: After the page loads with the new rule listed, click the red Apply Changes button in the upper right corner to activate the rule.

10-step practical tutorial how to set up external IP blocklist on firewall OPNsense.

Step 10: Confirm all changes by clicking the red Apply Changes button.

OPNsense installation guide step10 1024x640

Try ELLIO with a free trial.

Explore all the benefits of ELLIO: Threat List MAX, ELLIO Blocklist Management, ELLIO IP Lookup, and more, with a free trial: https://platform.ellio.tech/

Screenshot 2025 02 03 at 13.09.42 1024x675

About ELLIO

ELLIO is a research-driven cybersecurity lab with a strong focus on mass exploitation and reconnaissance activity. ELLIO delivers IP-based threat intelligence, network fingerprints, and highly dynamic feeds for event prioritization and data enrichment across existing SIEM, SOAR, and other security tools. Beyond intelligence, ELLIO provides ultimate IP blocking for next-gen firewalls, a platform for centrally managing all multi-vendor blocklists and whitelists, and additional services such as network masking against scanners and eBPF-based filters that combine IP intelligence with modern network fingerprints to protect against active malicious and overly curious (promiscuous) traffic.

Enter the ELLIO Threat Platform and see mass exploitation and reconnaissance activity as they happen: https://platform.ellio.tech

Related Articles

Hero image
Technical Articles__5 min

Managing blocklists using a central platform (part 1)

Learn how blocklist management platforms empower SOCs and NOCs. Streamline processes, minimize errors, and enhance network security.

ELLIO Icon
ELLIO Team
Hero image
Tutorial
Technical Articles__4 min

IP blocking on pfSense using ELLIO 

Explore how to set up IP filtering on pfSense, an open-source firewall/router solution, in just a few minutes, and discover why you should use advanced IP blocklists from ELLIO for this purpose.

ELLIO Icon
ELLIO Team
Hero image
Tutorial
Technical Articles__4 min

IP Blockling on FortiGate 7.2.0/7.4.0 using ELLIO

This article gives you a simple, step-by-step guide to set up an external IP blocklist and firewall rules on FortiGate 7.2.0/7.4.0. Discover why adding advanced ELLIO Blocklists to your FortiGate v. 7.2.0/7.4.0 is a great way to boost its protection, and how easy it is to set up.

ELLIO Icon
ELLIO Team