What's new

Privacy Filter (Another IPSET Script)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

ok @Xentrk , lets focus on the router you dont get good results on, cause the other ones are getting the expected numbers.

if you dont want the debuglog in open send in pm, ive limited this too my scrips only and how they start.

Mind telling whats too revealing with that debuglog perhaps that can be changed.

Thanks in advance for the help. The debug tool output directory listings of my SMB drive, where I have backups of the scripts. It also has my name and desktop/laptop name.

Here are the contents of firewall-start
Code:
#!/bin/sh
sh /jffs/scripts/create-ipset-lists.sh
/jffs/scripts/privacy-filter
/jffs/scripts/IPSET_Block.sh init nolog
 
yepp saw will limit search to /jffs with the debugtool

and as for all those script might wanna space em out a bit so they dont run all at once that might be a bit heavy.

just use sleep 30 && script
 
Last edited:
yepp saw will limit search to /jffs with the debugtool

and as for all those script might wanna space em out a bit so they dont run all at once that might be a bit heavy.

just use sleep 30 && script

I moved start of privacy-filter to wan-start as follows:

Code:
sleep 30 && /jffs/scripts/privacy-filter
I am getting 104 now unique ip address now:
Code:
Apr 26 19:21:00 system: Privacy Filter (ipv4) loaded 104 unique ip addresses that will be rejected from contacting your router.
This is much closer to the 121 and 113 I got on the other routers.

I changed firewall-start to add 300 minutes before they run to spread things out. Otherwise, both cores run all out during boot up:
Code:
#!/bin/sh
sleep 300 && sh /jffs/scripts/create-ipset-lists.sh
sleep 300 && /jffs/scripts/IPSET_Block.sh init nolog

The updates you made to the debug tool worked. You can see the results here: https://clbin.com/sY1ML
 
over 100 is ok :) so we narrowed it down to the router being overworked with alot of scripts running at the same time :) and again it will get different results pending on what servers are up at the moment of the scan so im glad that it worked out, and im glad that the debugtool doesnt scan your hdd anymore :p

but you need to change that last line

sleep 300 && /jffs/scripts/IPSET_Block.sh init nolog

my daily updates of the filter pends from 101-121 depending on days so over a 100 or close to 100 is ok.
 
over 100 is ok :) so we narrowed it down to the router being overworked with alot of scripts running at the same time :) and again it will get different results pending on what servers are up at the moment of the scan so im glad that it worked out, and im glad that the debugtool doesnt scan your hdd anymore :p

but you need to change that last line

sleep 300 && /jffs/scripts/IPSET_Block.sh init nolog

my daily updates of the filter pends from 101-121 depending on days so over a 100 or close to 100 is ok.
Thanks so very much!! Glad we got it fixed. Grateful as always. :D
 
Hi ... IPv6 does not seem to work - or do I see the wrong?

Code:
ASUSWRT-Merlin RT-AC87U 380.66-beta1-g7b22cbf Fri Apr 21 18:45:56 UTC 2017
...@RT-AC87U:/tmp/home/root# iptables -L -v | grep "privacy-filter_ipv4" | awk '{print "Privacy Filter (ipv4) Blocked: " $1 " packets",
$2 " is the size of the transmission"}'
Privacy Filter (ipv4) Blocked: 267 packets 15444 is the size of the transmission
Privacy Filter (ipv4) Blocked: 0 packets 0 is the size of the transmission
miju@RT-AC87U:/tmp/home/root# iptables -L -v | grep "privacy-filter_ipv6" | awk '{print "Privacy Filter (ipv6) Blocked: " $1 " packets",
$2 " is the size of the transmission"}'
...@RT-AC87U:/tmp/home/root#

https://clbin.com/MDy5b
 
Last edited:
debuglog please makes my work so much easier

Code:
wget https://gitlab.com/swe_toast/debugtool/raw/master/debugtool.sh && sh debugtool.sh && rm debugtool.sh

then post the link that log generates.
 
Code:
ipset -L privacy-filter_ipv6

are there any entries when running this command ?

and mind trying this instead

Code:
ip6tables -L -v | grep "privacy-filter_ipv6" | awk '{print "Privacy Filter (ipv6) Blocked: " $1 " packets", $2 " is the size of the transmission"}'
 
Last edited:
Thanks for the constant help! :)
Code:
ASUSWRT-Merlin RT-AC87U 380.66-beta1-g7b22cbf Fri Apr 21 18:45:56 UTC 2017
...@RT-AC87U:/tmp/home/root# ipset -L privacy-filter_ipv6
Name: privacy-filter_ipv6
Type: hash:ip
Revision: 0
Header: family inet6 hashsize 1024 maxelem 65536
Size in memory: 8760
References: 9
Members:
2a01:111:f303:1791::b01
2400:cb00:2048:1::6810:345d
2a00:1450:4016:807::2006
2a00:1450:4016:802::2006
2606:2800:234:2294:b59:11e7:560:10db
2a01:111:f307:1794::a01
2604:a880:800:10::99:7001
2a01:111:200b:2::bcc1
miju@RT-AC87U:/tmp/home/root#
Code:
ASUSWRT-Merlin RT-AC87U 380.66-beta1-g7b22cbf Fri Apr 21 18:45:56 UTC 2017
...@RT-AC87U:/tmp/home/root# ip6tables -L -v | grep "privacy-filter_ipv6" | awk '{print "Privacy Filter (ipv6) Blocked: " $1 " packets", $2 " is the size of
 the transmission"}'
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
Privacy Filter (ipv6) Blocked: 0 packets 0 is the size of the transmission
...@RT-AC87U:/tmp/home/root#
 
Last edited:
Is it somehow possible to find list entries which are responsible that some sites do not load? E.g.: skysports.com


Sent from my iPhone using Tapatalk
 
Code:
nslookup skysports.com
ipset -L privacy-filter_ipv4 | grep "the_ip_adress_of_sky_sports"

enjoy, my guess is no

Code:
# nslookup skysports.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      skysports.com
Address 1: 90.216.129.62
# ipset -L privacy-filter_ipv4 | grep 90.216.129.62

returned nothing for me on my router if you suspect something check what else your running..
 
Yeah those were the steps I already took... I'm just running your scripts (uBlockr, Privacy Filter & Malware Filter).. skysports used to work when I didn't whitelist privacy-filter/malware-filter entries in uBlockr. Guess I'll just live with it for now.
 
try whitelisting skysports in ublockr thats worth testing thats the only one that has a broad filter.
 
That didn't work. As soon as I disable privacy filter the site works. Seems strange to me.


Sent from my iPhone using Tapatalk
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top