Skip to content

Most important Turris repositories⚓︎

Turris project consists of more than a hundred repositories, and it is not easy to orient yourself in all of the utility and extension repositories. It is a list of repositories you most likely want to look into when you submit issues or try to locate code to improve.

Turris OS distribution⚓︎

These repositories contain scripts to build Turris OS distribution as well as package recipes and scripts to facilitate automatic updates.

  • Turris Build: build scripts, patches, and configuration for Turris OS distribution. You most likely want to look for it when you want to submit an issue about system functionality or to contribute a Turris-specific fix that would otherwise be applied on OpenWrt repositories. Primary hosting |
  • Turris Packages: recipes for Turris-specific packages.
    Primary hosting |
  • Automatic update rules: these are rules that updating software follows. It is where packages installed in the system in various situations are specified. Primary hosting |
  • Usage survey: the distribution maintenance requires additional information about packages usage, and for that reason, there is a usage survey.
    Primary hosting |

Automatic software updates of Turris OS distribution are provided by a project called Updater (also known as Updater-ng).


The reForis web interface functionality is split between a backend application called Foris Controller and a frontend called reForis. They, in turn, are split into core functionality and extensions that are called Foris Controller modules for backend and as reForis plugins for frontend. We list here only some of them. You might use the search functionality on either of the hosting servers to locate all modules and plugins.

Threat detection and attack prevention⚓︎

Threat detection and attack prevention system has two sides. The software is installed on the end user’s devices and the server components.

The end user’s software is what runs on any device that wants to participate in the Turris threat detection program.

  • Client for Dynamic Firewall: software that subscribes on updates from the threat detection system and adds IP addresses to a firewall block list. Primary hosting |
  • Minipots: minimal honeypots for a limited number of protocols used to trap and identify attackers.
    Primary hosting |
  • Firewall logs: the collector of blocked/dropped connections on the firewall.
    Primary hosting |
  • Sentinel Proxy: the proxy server that forwards locally detected threats by one of the detection tools to a common threat detection server.
    Primary hosting |
  • Certificate generator: Sentinel Proxy has to be authenticated to the threat detection server using temporally certificate. This software implements a way to obtain such certificate.
    Primary hosting |

The server components are, in general, not of much use to an end-user, but they are open source and thus available for review and contributions. They are split into pipelines, and the full interconnection is assigned by a system administrator. There is also a web interface for data visualization you might be interested in.

2022-02-08 2021-11-26