Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Good change! The joys of community contribution :) Please feel free to update the wiki. If you want to pass on that, I'll update it when I get a chance.
  2. redhat27

    Yet another malware block script using ipset (v4 and v6)

    You can enable firewall logging of DROPped packets. In addition you need to change the ya-malware-block.sh script in two places (search for the text DROP and replace it with logdrop). Reboot to take effect. Be aware that it will add volume to the syslog where each packet dropped will be logged.
  3. redhat27

    Yet another malware block script using ipset (v4 and v6)

    This is what I use to whitelist... I ping the blocked source (lets say xyz.com/whatever is blocked) I'll ping xyz.com and get the IP (there will be no responses as its blocked, just knowing the IP is good enough to unblock). Just append that IP to /jffs/ipset_lists/ya-malware-block.whites and...
  4. redhat27

    Yet another malware block script using ipset (v4 and v6)

    I don't know of a straightforward way. Have you actually tried putting that IP in DMZ? Others can chime in if they know. I would question why you'd want to do this... Is it one particular device getting blocked all too often? It's easy to whitelist...
  5. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Thank @Jack Yaz for honing in on the problem. @Csection I'm curious: Do you not have /jffs at all? Because if you did, the script should have downloaded the default whitelist file in /jffs/ipset_lists/ya-malware-block.whites
  6. redhat27

    Yet another malware block script using ipset (v4 and v6)

    It is indeed very strange. @Csection Can you tell me a bit how you are running the latest script? From the command prompt or at startup? Did the syslog give any clues what it was doing before the lock-up? Also, can anybody else with ipset v6.x run the latest version and let me know if it...
  7. redhat27

    Yet another malware block script using ipset (v4 and v6)

    I can only surmise that the lock up was coincidental. I suggest you try again with the new version.
  8. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Version 2.4 is up. Tomato version also updated. This is a minor display fix release, where the counts of the discrete IPs and CIDR ranges are displayed when run from console. This is a sample run on my (slow) router from the terminal with the default blocking (Level1 through Level3)...
  9. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Yes this is the extended script, and this is the original one. A bit confusing to keep both around. I'll get rid of the original one soon and just keep the extended one. The one thing that is stopping me is the thought that all the places I'd need to update the references (wiki, posts, etc) :eek:
  10. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Don't know if I'd mentioned it, but I removed that entry a while ago.
  11. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Hello everyone.. So sorry for absconding almost a month. Thanks @Adamm for fielding some questions. I'll try to answer some the best I can. What @Adamm said is right, the number of sources in the FireHOL lists vary quite a bit with time. Is it that you do not see the YAMalwareBlock3IP set...
  12. redhat27

    Entware-ng for arm, mipsel ....

    ss-server is missing on the latest entware build of shadowsocks-libev :( admin@RT-AC66R-D700:/tmp/home/root# ls (minus)l /opt/bin/ss-* -rwxr-xr-x 1 admin root 159476 May 30 10:25 /opt/bin/ss-redir -rwxr-xr-x 1 admin root 4871 May 30 10:25 /opt/bin/ss-rules -rwxr-xr-x...
  13. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Okay people, a new version of iblocklist-loader is up (1.2) The changes are in the extended version only. It now allows you to specify a whitelist and a blacklist CIDR file where you can add manual entries. This feature has been requested a few times. In addition, if you do not have a whilelist...
  14. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Hmm, not sure what's going on with your setup. Its loading just fine for me
  15. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Try a lowercase uk ;)
  16. redhat27

    Password auth succeeded for 'admin'

    @berez you also need to do this particularly. Anyone who had gained access earlier could easily leave a script that is called on startup that restores a compromised nvram.
  17. redhat27

    Yet another malware block script using ipset (v4 and v6)

    No problem! Gave me a chance to mention the update frequency from the firehol site and the suggested run frequency on your router :) It may benefit others. In this thread, there is never a dumb question. If it is confusing to you, it may be confusing to others as well.
  18. redhat27

    Yet another malware block script using ipset (v4 and v6)

    For me, apple.com resolves to 17.178.96.59 17.142.160.59 17.172.224.47 I noticed that these IPs are not there in the YAMalware* ipsets. But I can access the https://apple.com/UK just fine. Are you not able to ping those IPs or do a curl -kL https://apple.com/UK on your router? I have all 4...
  19. redhat27

    Country blocking script

    I just have it in my services-start. You can create a once a month schedule if you want to. I do too many changes in my router, so it's usually rebooted more than once in a month. I believe the script checks to see if the last time it downloaded the files is over 15 days to re-download the...
  20. redhat27

    Yet another malware block script using ipset (v4 and v6)

    You can check out the update frequency of each of the lists in the FireHOL site (links in post #1) On the main page, the site says "average update frequency: 36 minutes" Of course, you can choose to update the data as often as you choose. The whole point in having a minimalist script is to do...
Top