What's new

Malware Filter / bad host IPSET

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

No need unless you are getting an error. Changing it would not alter the behavior. Users of dd-wrt do not have iptables-save, so that was a workaround. BTW the wiki is here
And no support for it in the entware package either :( Thanks for suggesting the work around solution @redhat27.
 
feel free to add blockstats on my filters if you have a working solution or post em here in the thread :)
 
No need unless you are getting an error. Changing it would not alter the behavior. Users of dd-wrt do not have iptables-save, so that was a workaround. BTW the wiki is here
Thanks soo much!
I kinda thought that was ok, but I wanted expert opinion.
I'll bm the wiki.
Thanks again!
 
feel free to add blockstats on my filters
The alias greps for all blocklist sets (matches "match-set") So all active blocklist stats will display (malware blocks, country blocks, tor blocks, iblocklist blocks or anything else that is is an ipset blocklist or allowlist that is enabled in iptables)
 
ok havent bothered with that since i dont really check my stats that often but nice to know gonna do some changes since they apply to all active blockfilter
 
I have a question.
When "Malware-Filter" runs on the crontab. My CPU's both cores jump up all over the place up to 97%.
Is this normal? Is this ok?
 
I have a question.
When "Malware-Filter" runs on the crontab. My CPU's both cores jump up all over the place up to 97%.
Is this normal? Is this ok?
Yes, and yes.
 
I loaded the new ver. 20. rebooted, but the new scripts says, "ip V4" loaded. I have V6. Is that incorrect?
That refers to IP addresses vs the ipset version. I had the same question awhile back.
 
That refers to IP addresses vs the ipset version. I had the same question awhile back.
Ahh!
That makes complete sense!
I just thought it was an odd msg. in my logs.
Thank you for clearing that up.
By the way the script worked fine for me.
 
actually its how many ipv4 addresses are loaded, but if you have ipv6 enabled it should say 0 cause I haven't included any ipv6 blocklists yet
 
but aslong as it says blocked x amount in syslog then its working, but as of now ipv6 should say 0 cause I have no ipv6 blocklists yet
 
but aslong as it says blocked x amount in syslog then its working, but as of now ipv6 should say 0 cause I have no ipv6 blocklists yet
Yes!
It says it blocked 36000 ip's and the next line says blocked 850 ip ranges
I don't use v6 ip addresses, so as Xentrk said it must be working right.
Thanks!
 
I'm a little confused--are we on version 20 or 24?
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top