Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. redhat27

    services-start or firewall-start for iptables scripts?

    @Jack Yaz I use the firewall-start to re-instate the iptable rules if the ipsets already exists, and the setup that is posted in #1 post of ya-malware-block. I have no issues when firewall is re-started multiple times. Also @FreshJR and @Vexira Take a note of the reinstatement snippet (in the...
  2. redhat27

    Yet another malware block script using ipset (v4 and v6)

    No, its not an overkill. I have mine to run every 6 hours. Some of the sources tracked by the FireHOL lists are very dynamic and transient
  3. redhat27

    AB-Solution - The Ad Blocking Solution

    Only raw.githubusercontent.com is used there. I do not suppose it will be blocked. If it is blocked by AB-Solution, there'll probably be bigger issues. Almost all script code (even from other scripters) are hosted there.
  4. redhat27

    Skynet Skynet - Router Firewall & Security Enhancements

    @thelonelycoder That line reinstates a iptable ACCEPT rule if the ipset called "AcceptList" exists, but a corresponding iptables rules does not. EDIT: Just saw that you had already referred to it just above. Never mind. :) EDIT2: The wiki is a bit confusing and begs a re-write <sigh> EDIT3...
  5. redhat27

    AB-Solution - The Ad Blocking Solution

    On closer look, I'm sad to say I'll pass on the shared whitelist for ya-malware-block. The reason being that the ya-malware-block solely uses IP regexes and discrete IPs for the whitelisting purposes. If I introduce a domain to IP lookup and then exclude from the block, it will add processing...
  6. redhat27

    Yet another malware block script using ipset (v4 and v6)

    These files (ya-malware-block.urls, ya-malware-block.whites, ya-malware-block.blacks) do not update unless they are missing. This is expected and not related to nvram-save 25a. These files normally reside on /jffs/ipset_lists/ directory, and has a one-time creation when the script runs for the...
  7. redhat27

    Yet another malware block script using ipset (v4 and v6)

    No need to read through 20 pages ;) I try to keep post #1 updated with all the current details. The above is not necessary
  8. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Added a commit to include the regex. Will affect those who will install the script new or delete their existing ya-malware-block.whites file.
  9. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    You are right, earlier version of the script used the FORWORD chain of the filter table. Please change the iptable rule to use that, instead of raw PREROUTING and see if that works. I'll revert the script to use that when I am able to. I had changed it to raw PREROUTING without thinking much...
  10. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    That's a lot of lists you are blocking! ;) Use the MatchIP function to see which list(s) are the culprit: These are the dropbox ips: admin@RT-AC66R-D700:/tmp/home/root# hostip dropbox.com 162.125.248.1 admin@RT-AC66R-D700:/tmp/home/root# hostip www.dropbox.com 162.125.7.1 See see which list(s)...
  11. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Enable both [src,dst] on sites you'd want to access in your whitelist. Can you give me an example of the site you want to access that is blocked? Perhaps an avtivated list is legitimately blocking it?
  12. redhat27

    What blocking scripts to install?

    Sorry for the late reply. AB solution is an excellent script for advertisement blocking, with different pre-packaged known sources for advertisements that you can choose to block. The blocking is on the DNS lookup, it will redirect the DNS lookup locally (to pixelserv if you have that...
  13. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Also, ya-malware-block and iblocklist-loader do not conflict with each other. I use both. They have different purposes, although there may be some overlap with some of the lists. If an IP is blocked on both lists from the two scripts, there is no harm: The iptables filter that blocks it first...
  14. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    src is where the traffic originates. dst is the the target for the traffic. Blocking the [src] is mostly all that is needed, specifically if the idea is to block incoming traffic from outside (potentially dangerous/mal-intentioned sites on the internet) You'd typically use [dst] to prevent your...
  15. redhat27

    AB-Solution - The Ad Blocking Solution

    Just saw this. Entries from /jffs/ipset_lists/blacklist-domains.txt should not be whitelisted.
  16. redhat27

    AB-Solution - The Ad Blocking Solution

    Hmm, strange. I noticed this too @thelonelycoder Why are the shodan.* entries in your whitelist? I've specifically blocked those on the iblocklist custom blacklist See here and here for why those are not safe
  17. redhat27

    AB-Solution - The Ad Blocking Solution

    Precisely, its part of a CIDR range. @Xentrk That country blocking script is kind of old and inflexible in a way (no provision to whitelist). If you want to whitelist specific IPs, within blocked countries, the iblocklist-loader-v2.sh is what I'd use.
  18. redhat27

    AB-Solution - The Ad Blocking Solution

    Will do :) Both work pressure and new developments at home is keeping me too much occupied :(. But I'll implement the change soon.
  19. redhat27

    What blocking scripts to install?

    Just saw this... Will update soon as I get a chance. Sorry for being so infrequent here these days.
  20. redhat27

    Yet another malware block script using ipset (v4 and v6)

    And thank you for that nice write-up! :) @VZ3 just posted a way to make it better (no entware needed)
Top