Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. redhat27

    Yet another malware block script using ipset (v4 and v6)

    @who me? Please change the storage locations to a valid locations on your usb stick on lines 5,6,7 in the script
  2. redhat27

    Yet another malware block script using ipset (v4 and v6)

    You do need a "apply" after enabling jffs. Not sure if a reboot is needed for tomato. @HRearden did confirm it worked for him on #320 I would try doing the install from the command line (ssh/telnet session) as detailed on post #1, after creating a /jffs/scripts directory
  3. redhat27

    Yet another malware block script using ipset (v4 and v6)

    @who me? One of the things I would check carefully is the download path for the white or black lists. If /jffs does not exist on your router, it will fail. Can you give me a top-level default directory for your router with tomato?
  4. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Thank you! Do feel free to submit a PR to contribute your changes, or fork my repo :), even though there isn't much there. That's what open source is all about. The link to my Github repo is in post #1. I too have an older AC66U: It hasn't given me any problems to incentivize me to upgrade it...
  5. redhat27

    Yet another malware block script using ipset (v4 and v6)

    My new job (and my family) is keeping me quite occupied :oops: Besides, there hasn't been much interest lately, so I didn't log in much.
  6. redhat27

    Yet another malware block script using ipset (v4 and v6)

    @jorn Like @john9527 said, your /jffs mount is pretty full. Maybe free up some space?
  7. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Not gone gone... Just gone dormant ;)
  8. redhat27

    RTN66U Losing internet - always solved by pulling cable??

    Is your cable modem DOCSIS 2.0 or 3.0? Comcast does not support 2.0 anymore. Try to get comcast run a diagnostic check on your cable modem... Also, why this: Nov 16 09:36:32 dnsmasq[840]: using nameserver 75.75.76.76#53 for domain hsd1.fl.comcast.net Nov 16 09:36:32 dnsmasq[840]: using...
  9. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Do not know if this would be a valid option for you, but you can easily block a device's access to the internet from the web UI. If you need a more fine grained approach, @Martineau has an excellent script for that.
  10. redhat27

    RTN66U Losing internet - always solved by pulling cable??

    I would recommend that you start with a factory reset of the router and check first, like @kryptto suggested. Let us know if the problem persists after a reset.
  11. redhat27

    Country blocking script

    It may not work for 1 day, but I've verified that it does work for a value more than one. In your example, if I set BLOCKLISTS_SAVE_DAYS=7 and my .lst files are already a week old, it does re-download. I have tested this.
  12. redhat27

    Country blocking script

    The $Action options are "Add" and "Reload" However is the quoted lines in the code? If you are sure you want to run this every day (I feel that it is too frequent), then you can prefix your run command with: rm /jffs/ipset_lists/??.lst; rm /jffs/ipset_lists/tor.lst; <script> It will download...
  13. redhat27

    Yet another malware block script using ipset (v4 and v6)

    @mrfrank9 Yes, adding to what @thelonelycoder said, if you are worried about inbound connections from the domain, you should use this script (firewall). If you are trying to block outbound connections to a particular domain for your whole LAN, you may use DNS poisoning. These are very different...
  14. redhat27

    Country blocking script

    "TorNodes" ipset will be reloaded if tor.lst is downloaded. There should be a syslog entry once TorNodes is reloaded
  15. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Did the tomato version work without issues? Microsoft Telemetry is already blocked. The first url in the ya-malware-block.urls file uses a static list of telemetry and some scanner IPs
  16. redhat27

    Yet another malware block script using ipset (v4 and v6)

    You can try to see if the IP of the TLD of your test address is in the YAMalwareBlock* ipsets by using a shell function such as this one. To get the IP you can do a nslookup or ping the domain. If you get no response on ping, it's blocked by the iptables rule on the ipset (if it's in one of the...
  17. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Thank you that explains quite a bit. The --set option has been deprecated in iptables 1.4.x Since ipset 4.x is on older hardware, I had assumed that iptables would stay 1.3.x For now, the error is harmless, and if you do not like seeing the 'webstr' library error, you can safely use the tomato...
  18. redhat27

    Country blocking script

    Can you post the output of ls (minus)l /jffs/ipset_lists/tor.* Then can you remove the tor.lst and try again? It appears to be working fine for me.
  19. redhat27

    Yet another malware block script using ipset (v4 and v6)

    Sorry for the late reply. I'm assuming that you are running the script unmodified. Let me know if that is not the case. Do you get any output when you issue these commands: iptables-save | grep -q YAMalwareBlockCIDR && echo "found" iptables -t raw -I PREROUTING -m set --set YAMalwareBlockCIDR...
  20. redhat27

    Country blocking script

    Can you verify the timestamp of the tor.lst file does not update? Is the size of the tor.lst file non-zero?
Top