Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. redhat27

    Yet another malware block script using ipset (v4 and v6)

    That is odd. See if your external dns server IP is in any of the loaded lists with this shell function. You can always whitelist your dns: Just assign your dns server ip to your "my_dns" domain in /jffs/configs/host.add and then whitelist that domain (my_dns)
  2. redhat27

    Yet another malware block script using ipset (v4 and v6)

    It should include all your ipsets that are referenced in your firewall. Which lists from the iblocklist-loader were you expecting? Run the loader script and check syslog to see if the lists were loaded
  3. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    @Jack Yaz Check your UI IP with the shell function I provided in the other thread and see which set is the culprit
  4. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Thanks @Adamm I've uploaded a new script in github. Please download as per OP Here is a small shell function that you can put in your /jffs/configs/profile.add You'll need to install paste (opkg install coreutils-paste) For ipset-v4: cl() { # Check IP against ipset lists if [ -z "$1" ]...
  5. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    @Jack Yaz Are you referring to this script or the ya-malware-block. Which one is causing the UI issues for you? @Xentrk See post #90, you can whitelist the sites that you visit. It is very easy to add the sites on the local file. Just add the domain and rerun this script manually. You can test...
  6. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Which adblocking solution are you using? You should be able to whitelist raw.githubusercontent.com.
  7. redhat27

    Yet another malware block script using ipset (v4 and v6)

    My pings are a lot faster: PING raw.githubusercontent.com (151.101.64.133): 56 data bytes 64 bytes from 151.101.64.133: seq=0 ttl=59 time=26.782 ms 64 bytes from 151.101.64.133: seq=1 ttl=59 time=22.697 ms 64 bytes from 151.101.64.133: seq=2 ttl=59 time=22.424 ms 64 bytes from 151.101.64.133...
  8. redhat27

    Yet another malware block script using ipset (v4 and v6)

    @shooter40sw and @jack901 can you do the nslookup raw.githubusercontent.com and send me the output?
  9. redhat27

    Yet another malware block script using ipset (v4 and v6)

    You can still get the old version of the script from git history if you want to revert the changes and see if that makes any difference
  10. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Those who are stuck on wget, can you do these: nslookup raw.githubusercontent.com ping raw.githubusercontent.com For me there are no issues with the updated script: May 12 15:29:29 Firewall: /jffs/scripts/ya-malware-block.sh: Adding malware-block rules to firewall... May 12 15:30:01 Firewall...
  11. redhat27

    Yet another malware block script using ipset (v4 and v6)

    If you have this script in the services-start, can you try a reboot? I think it is blocked by another process somewhere. The timing should show up in the syslog
  12. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    You'd want to delete the old rules from both the INPUT and FORWARD chain on the filter table. Do a iptables-save -t filter (or just iptables-save), find the offending rules, and then copy the whole line, and change -A to -D so: find the line with -A FORWARD <blah> <blah> and run iptables -D...
  13. redhat27

    Yet another malware block script using ipset (v4 and v6)

    It should not take that long there is nothing in the new script that is different other than the iptables rules. Is your router busy at the time you ran it.. checking cpu load may help
  14. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    I have uploaded the updated script in github. Can you download and test?
  15. redhat27

    Yet another malware block script using ipset (v4 and v6)

    It does create a /tmp file, but it gets deleted before the script exists. You'd be able to see the blocked packets with: iptables -vL -t raw
  16. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    @jack901 Posted reply in the correct thread.
  17. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Can you do: rm /jffs/ipset_lists/ya-malware-block.url_list wget --no-check-certificate -O /jffs/scripts/ya-malware-block.sh https://raw.githubusercontent.com/shounak-de/misc-scripts/master/ya-malware-block.sh /jffs/scripts/ya-malware-block.sh Also, can you do this as a test: wget...
  18. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    Thank you for the offer. I will upload the new iblocklist-loader script shortly and let you know
  19. redhat27

    Yet another malware block script using ipset (v4 and v6)

    There is a version 1.3 in github now. Only the main script changed, not the sources list. Changelog for 1.3: [1] Using the PREROUTING chain of the raw table instead of INPUT and FORWARD chains of the filter table. Thanks @Adamm for suggestion [2] Corrected the count of the ipset (need to...
  20. redhat27

    iblocklist.com generic ipset loader for ipset v6 and v4

    You have a valid point there. Ideally the effect should be in a common place: Should affect traffic that is generated outside (like the INPUT chain in the filter table) and also for traffic that is generated inside the LAN (like the FORWARD chain on the filter table) A common place is the...
Top