Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    :eek::D
  2. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    No, since all the other services have already started at $RC start you should be good. services-start is non-blocking afaik (no other process waits for service-start to complete)
  3. redhat27

    [To all script writers] Suggestion for better environment management

    I'll update the wiki to mention that reinstatement block (a snippet that checks if there are already existing ipsets, and re-creates iptable rules if they do) to move to a separate file that is invoked in firewall-start.
  4. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Okay, I agree that keeping that iptables rule reinstatement snippet before the service-start finished would create iptables entries for the temporary sets. Not good. Since the firewall-start may get called multiple times when your router has just rebooted and is busy init-ing at lot of stuff...
  5. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Couple of things to try: If you know which IPs are being blocked (nslookup/hostip the slow domain), you can use the shell function to determine which ipset is blocking it. You can change the IPTABLES_BLOCK_TARGET to REJECT for immediate return on failure (will not be slow) Is you are using an...
  6. redhat27

    AB-Solution - The Ad Blocking Solution

    I would think not. The time-allowed PControl rules would still apply. I've disabled dns based filtering. All dns requests on my lan are channeled the same way.
  7. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Thanks for the wiki entry write-up :)
  8. redhat27

    Skynet Skynet - Router Firewall & Security Enhancements

    No quite so... The multiple calling of the firewall-start existed much before 380.66 See March 2016 thread. The reason being that script is called whenever the firewall rules needs to be reloaded. It is event driven. That is the purpose of that reinstatement snippet in the wiki that is to be...
  9. redhat27

    Yet another malware block script using ipset (v4 and v6)

    I've updated the blockstats alias definition to include output from raw tables in the wiki.
  10. redhat27

    AB-Solution - The Ad Blocking Solution

    firewall-start
  11. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Just need to run your blocklist-loader script is run right after the ya-malware-block script, that is all.
  12. redhat27

    Yet another malware block script using ipset (v4 and v6)

    No need to save the original script. You can always get it from git history. Also looks like you have the old sources. Please delete /jffs/ipset_lists/ya-malware-block.url_list and re-run Read a bit from post #90 if it hangs again.
  13. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Try lookup of the your news sites's IP with the shell function in the other thread.. @Jack Yaz Can you put the function (both v4 and v6 versions) in the wiki?
  14. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Not at all. All you need is a github account. It would be a big help to me if you can update the wiki with updated info there. Please feel free to add any other useful stuff to the wiki yourself. If something does not look okay, somebody will correct it.
  15. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Its not. But the defaults section needs to be updated. I'll update the wiki when I get some time
  16. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Not sure what is going on there. Can you re-download the script as per OP? Anybody else have these errors?
  17. redhat27

    Yet another malware block script using ipset (v4 and v6)

    If you are using a browser to connect to a malware source, you'll time out. To immediately fail without timeout, the firewall rule needs to REJECT the connection (it currently DROPs it)
  18. redhat27

    Yet another malware block script using ipset (v4 and v6)

    The firewall in your asus router needs to be enabled to have any firewall scripts to work. Asus firewall by default will only provide a basic security (just like enabling firewall on a windows machine, for example) and not against any specific malware/ransomware/cracker/bots/scanners/etc...
  19. redhat27

    Yet another malware block script using ipset (v4 and v6)

    ya-malware-block script does not have whitelisting. If you want to whitelist pentest-tools.com, add it to the WHITELIST_DOMAINS_FILE that is referenced in the iblocklist-loader script, and make sure the blocklist-loader script is run right after the ya-malware-block script
  20. redhat27

    Yet another malware block script using ipset (v4 and v6)

    If you are using dnscrypt, then check if 127.0.0.1 is there in any of those lists. Do not use that list for now then. Edit: also check your router internal IP (example 192.168.1.1 or similar)
View older results
Top