I wish to set up a system that I log into with openVPN on my Raspberry Pi 4. I have already set up an openVPN server with a PKI infrastructure as well as other services that run on the Pi (like pi hole dns + dhcp). The packet forwarding is set up in the iptables like so:
iptables -t filter -A FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -t filter -A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I can use devices like my phone and laptop from remote to access my network remotely and use DNS etc. I now wish to add an antivirus or dpi firewall to the mix that filters packets between eth0 and tun0 as well as protect services like my mail and web server from accepting malicious files (as easily).
But I don't even know what to search for. I'd like for someone to point me in the right direction for an open source solution that runs on an ARM64 in an ubuntu system (without x-server) I have come across nDPI which is an open source deep packet inspection tool, but I'm not entirely sure if that is what I need.