I wanted to prevent DOH with banip. After I called up some domains from the banlist and they were not blocked, I realised that banip was throwing me an error:
::: banIP runtime information
+ status : error (nft: ✘, monitor: ✘)
+ version : 0.9.4-3
+ element_count : 0
+ active_feeds : -
+ active_devices : wan: pppoe-wan / wan-if: wan, wan_6 / vlan-allow: - / vlan-block: -
+ active_uplink : -
+ nft_info : priority: -200, policy: memory, loglevel: warn, expiry: -
+ run_info : base: /tmp, backup: /tmp/banIP-backup, report: /tmp/banIP-report
+ run_flags : auto: ✔, proto (4/6): ✔/✔, log (wan-inp/wan-fwd/lan-fwd): ✔/✔/✘, dedup: ✔, split: ✘, custom feed: ✘, allowed only: ✘
+ last_run : -
+ system_info : cores: 4, memory: 446, device: Raspberry Pi 4 Model B Rev 1.1, OpenWrt 23.05.3 r23809-234f1a2efa
I now don't know where to start looking.
logread is silent, the log file stored in banip does not exist and nft is of course installed (can be called via the shell).
/etc/config/banip
config banip 'global'
option ban_enabled '1'
option ban_debug '0'
option ban_autodetect '1'
list ban_logterm 'Exit before auth from'
list ban_logterm 'luci: failed login'
list ban_logterm 'error: maximum authentication attempts exceeded'
list ban_logterm 'sshd.*Connection closed by.*\[preauth\]'
list ban_logterm 'SecurityEvent=\"InvalidAccountID\".*RemoteAddress='
list ban_logterm 'received a suspicious remote IP '\''.*'\'''
option ban_fetchcmd 'curl'
option ban_protov4 '1'
list ban_ifv4 'wan'
option ban_protov6 '1'
list ban_ifv6 'wan_6'
list ban_dev 'pppoe-wan'
list ban_feed 'doh'
option ban_deduplicate '1'
option ban_loginput '1'
option ban_logforwardwan '1'
option ban_logforwardlan '0'
option ban_autoallowlist '1'
option ban_autoblocklist '1'
option ban_allowlistonly '0'
option ban_nftloglevel 'warn'