Help with setting blocklists on an AC68U

Thanks a lot. Will try it out

By the way. I tried out your Privacy Filter script and I think I got it to work! To confirm I pinged one of the hostnames and it came back as 127.0.01 (loopback). So I'm assuming that it's working?

One more thing. I couldn't get the script to work originally because the path set in the script was not found on my system. I was getting this message;

'/opt/var/cache/privacy-filter/privacy-filter.list': No such file or directory

So what I did was create a directory within /jffs and named it 'filters' and edited the script to point to that directory. Is that okay? Perhaps there's a reason it was placed in the original directory?
 
read the instructions again carefully :)

and paths can be substituted for any location; it doesn't have to be /opt/blah blah, it can be wherever you set the script to look for that file. And yes, for the dns queries, if it returns as 127.0.0.1 then it's working and ip should reject ping etc.
 
Cool thanks.

One more question. Can I move these over to a USB drive? Only because I don't want too much unnecessary writes to the flash. I assume it's just a matter of changing the path name in the script?
 
Sorry, last question for now, promise :p

Is there a command to verify that everything is working as it should and that it's blocking the ips in the malware list?
 
Code:
ipset --list malware-filter
iptables -L | grep malware

these two commands should show it working
first is the rule with all the ips in a long list
and the other is the firewall rule that drops all traffic

and you can turn on webui

Firewall > Logged packets type

set that to dropped.
 
Great. Thanks for those two commands. It does indeed show the list of IPs in the first command and the Reject all rule for the second.

I've followed your step to drop logged packet type. What does this do exactly? I'm assuming it would show up in the system log on the WebUI if there was a match or something?
 
Hi again :)

Blocklists have been running fine since Sunday. However it seems I need to manually run the privacy-filter and malware-filter every day to get it to activate. When I run the command
iptables -L | grep malware and iptables -L | grep privacy, it displays nothing but if I manually run the scripts then those commands, it lists the correct output. Is there a way to get it to run automatically for both?

I did have a look at the link you posted https://github.com/RMerl/asuswrt-merlin/wiki/Using-ipset#malware-filter, specifically this;

"then type this

nano /jffs/scripts/services-start

and append

cru a malware-filter "0 */12 * * * /opt/bin/malware-block"

I'm not sure whether I did it correctly, probably not if it's not working for me. What I did was created a new file using WinSCP in the /jffs/scripts directory and named it services-start. I then copied and pasted over cru a malware-filter "0 */12 * * */my directory path/malware-block but it seems that hasn't done anything.

Would be great if I could get some guidance on running both scripts automatically and have it update in the background

Thanks!
 
Do you have AiProtection enabled?.... correct me if I'm wrong, but I believe this flushes the iptables on a regular basis...that's why they disappear.

You may need a cron job to start them again
 
I do have AiProtection 'Parental Controls - Web & Apps Filters' enabled. Would that have something to do with it?

I'm not sure what a cron job is or how to run it. I've heard the term but that's as far as it goes :p
 
Code:
Cron Utility
add:    cru a <unique id> <"min hour day month week command">
delete: cru d <unique id>
list:   cru l
https://github.com/RMerl/asuswrt-merlin/wiki/Scheduled-tasks-(cron-jobs)

You can type your cru command directly into the command line and the cron job will run as long as you don't reboot the router. You will need to put the cru command into a script if you want it to restart after a reboot.
 
So you mean I can just paste in the following command while SSHed in?

cru a malware-filter "0 */12 * * * /tmp/mnt/sda1/filters/malware-filter/malware-block"

And that should work? How can I confirm it is indeed running as I don't get a success output.
 
Yup that should work...... you can see your active cron jobs by typing cru l (lower case L) and you should see the cron job in your syslog too whenever it runs
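
Added example, not part of any post in this thread: a small set of shell functions that check a cru schedule string (five schedule fields, then an absolute command path; a missing space before the path leaves cron with no command) and re-run a filter script when its firewall rule has gone missing. The function names and the paths in the comments are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration; function names and paths are assumptions, not from the thread.

# cru_spec_ok SPEC
# Succeeds only if SPEC has five schedule fields followed by a command given
# as an absolute path, i.e. "min hour day month week /path/to/script".
cru_spec_ok() {
    set -f              # stop the '*' fields from being expanded as globs
    set -- $1           # split SPEC on whitespace into $1..$n
    set +f
    [ "$#" -ge 6 ] || return 1
    case "$6" in
        /*) return 0 ;;
        *)  return 1 ;;
    esac
}

# filter_active NAME
# Same two checks as in the thread: the ipset exists and a firewall rule
# mentions it.
filter_active() {
    ipset --list "$1" >/dev/null 2>&1 || return 1
    iptables -L | grep -q "$1"
}

# ensure_filter NAME SCRIPT
# Re-runs SCRIPT when the rule for NAME has disappeared; prints the outcome.
ensure_filter() {
    if filter_active "$1"; then
        echo "active"
    elif "$2"; then
        echo "restored"
    else
        echo "failed"
    fi
}

# Possible use from /jffs/scripts/services-start (paths are placeholders):
#   spec="*/30 * * * * /jffs/scripts/filter-check"
#   cru_spec_ok "$spec" && cru a filter-check "$spec"
# where filter-check sources this file and calls:
#   ensure_filter malware-filter /opt/bin/malware-block | logger -t filter-check
```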
 
Hi guys.

By the way, I forgot to ask. If I want to disable these scripts temporarily is there a command for that or some way I can do it?

Thanks.
 
Thanks.

I only ask because I'm not sure whether the firewall or the filters I've enabled are messing about with downloading updates on the PS4. I've tried going into any scripts I remember creating and just cutting out the text and keeping it safe so I can paste the script back in. None of it seems to be working. I'm wondering if perhaps I may have some fragments of scripts lying around the /JFFS initially when I was starting out with scripts.

Is there a way I can do a format on the /JFFS directory, that way I can revert everything back to default and I can start fresh? Is it safe i.e will it wear out the flash?
 
no need to format the jffs partition, just # or remove the entry and reboot

but if you're dead set on reformatting, just check under administration, there is an option for reformat
 
