Hello, I’m thinking to install OH to my Opnsense firewall running on Apu2 board. But I don know how.
The major thing I want to know is, if this will break my security, and will create holes at my firewall.
Thank you
Well, from a strictly generic standpoint, running anything on your firewall unnecessarily increases the attack surface.
Also, since it is your firewall you will need to be very very careful in how you configure OH so it doesn’t get exposed on the WAN interface. It will also be relatively easy to deliberately or accidentally configure OH to bypass your firewall if it is running on the same machine.
Can this be done safely? Yes but you would have to be exceptionally careful.
Should you do this? No, the firewall should not host any non-firewall services. There is just too much that can go wrong and the more you run on the firewall, the more chances there are that something will go wrong.
I highly recommend against this.