Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Thank you. Can you post the output of these? ipset --version iptables --version Also, do you get the 'webstr' library error on each run of the script, or just the first time?
  2. redhat27

    Country blocking script

    Sure there is. Instead of looping through the file, it would be a lot faster to write out a restore file to load all at once. However, since the purpose of this script is to load relatively static ipsets, it would not probably warrant changes to make it faster. I personally do not even run it in...
  3. redhat27

    Country blocking script

    That just removes the block on the domain for the site torstatus.blutmagie.de where the list of Tor exit nodes is tracked. If you have "ru" in the blocked countries list, you'll need this on the reload. Otherwise its not necessary. torstatus.blutmagie.de is hosted in Russia (ru) Normally you can...
  4. redhat27

    Country blocking script

    @octopus and @Builder71, the above issue is fixed in the latest version
  5. redhat27

    Yet another malware block script using ipset (v4 and v6)

    I would tend to be an optimist and think that GitHub incident to be a one-off. Let's see if that recurs. Regarding false positives, I think if a site gets blocked, or something stops working, it should be fairly easy to whitelist: Just ping the domain to verify its blocked, and if it is, then...
  6. redhat27

    Yet another malware block script using ipset (v4 and v6)

    You can simply replace your .urls file. Let the script redownload it on the next run: rm /jffs/ipset_lists/ya-malware-block.urls or download it yourself: wget --no-check-certificate -O /jffs/ipset_lists/ya-malware-block.urls...
  7. redhat27

    Yet another malware block script using ipset (v4 and v6)

    No, it's not looking at .urls being edited :) I've added some new lists to the .urls file in github. These are not included in FireHOL levels 1 through 4: Counts are as of the time of writing this post and will vary over time: Users of this script can update their ya-malware-block.urls file...
  8. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Apologies, I had misunderstood. Regardless, this version should take care of it. Thanks for pushing me to do it. BTW: I should post a similar fix to your other gihub issue soon (create-ipset-lists.sh) Yes, and just to test it, you can edit the /jffs/ipset_lists/ya-malware-block.urls file and...
  9. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Version 2.5 (just uploaded in github) will take care of the issue of removing older ipsets and rules if they are no longer needed.
  10. redhat27

    Yet another malware block script using ipset (v4 and v6)

    I'm sorry for my long absence :( @Builder71 Appreciate your effort in removing unused sets, I'll take a look when I get some time. I believe like @VZ3 pointed out, this may not be of much concern @Jack Yaz and @VZ3 Thanks as always for helping out @Przem I believe you should be able to...
  11. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    There could be multiple factors at play here. Try going a whole day with each of the ad-block, ya-malware-block, iblocklists, etc. Also, I found this and this on the web. Maybe its waiting to serve an ad?
  12. redhat27

    Yet another malware block script using ipset (v4 and v6)

    There should be more YAMalwareBlock?IP ipsets, generally. The pastebin output you gave had this: admin@RT-N66U:/jffs/ipset_lists# cat ya-malware-block.urls #https://raw.githubusercontent.com/shounak-de/misc-scripts/master/telemetry_and_scanners.txt...
  13. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Do not comment out the sources in the .urls file. You may leave level4 commented, but I use all of the lists (none of the lists are commented). Sometimes having level4 enabled may have some false positives. (Like 8.8.8.8 may sometimes be mistakenly included). The sources in these lists are very...
  14. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Try eliminating each script one by one. Have BLOCKLIST_INDEXES="" (empty) or disable running ya-malware-block, see which one is the one stopping pandora. Are you able to ping pandora.com when it is being blocked?
  15. redhat27

    Yet another malware block script using ipset (v4 and v6)

    FYI to all who is using this script. I've noticed that sometimes the google resolver 8.8.8.8 appears in one of the blocklists. That affects the default resolver configured for the hostip utility. Please include that in the /jffs/ipset_lists/ya-malware-block.whites file (default location) I've...
  16. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Not sure which blocklist is the one blocking it, but you should be able to find that out from the function mentioned in the above post. There are couple of things to try: [1] Do not use the blocklist that blocks pandora or [2] Put the domains affected (eg: "pandora.com") in the...
  17. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    @Builder71 John is correct. You have ipset 4.x. a tested version of the function for that ipset is in the wiki
  18. redhat27

    My router have huge CPU usage with firmwares 380.66, 380.67 and 380.68

    The top command on the router will tell you what is using the CPU the most
  19. redhat27

    Yet another malware block script using ipset (v4 and v6)

    @Supernova An easy way to tell whether its AB-Solution or an ipset block: ping the IP or host AB-Solution blocking will return 0.0.0.0 or your pixelserv IP (if you have it configured/running) ipset blocking will behave differently (either 100% packet loss (most common, esp on router) or request...
  20. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Yes, very much so. They can peacefully coexist. I use both.
Top