Ohh.. not sure what is happening with your setup. I have also an x86 based test network to play around different configurations for openwrt. Just tested your possible issue there and can't reproduce the error.
One of the things I can think of is this portion in the "Advanced Settings". Maybe you are reaching max open files??
Hi Everyone, installed today the stable 24.10 coming from 23.05.5 on my GL-iNet MT6000 using module BANIP can't load on luci the Overview page of it, displays a "Cannot read properties of undefined (reading 'trim')" Type Error. On logread no errors appear. Upgraded via sysupgrade and installed all modules from scratch (just kept the config files).
Is it possible to set the whitelist only mode for incoming connections only?
For example only allow certain asns,countries for incoming connections(wan)?
And have other ban lists apply on top of this?
yep, limit the allowlist to inbound chain, see readme for details. To get what you want, disable the "allowlist only" and limit rhe allowlist feed and you're done
so, how to add all IPs of a certain country to the allowlist and how can this work when I should disable "allowlist only" mode?
Sorry, what am I missing?
Thanks, I didn't know that the luci app fronted has a preconfigured list.
I was trying to configure this through the config file and expected that it was just possible to specify one or more of the feeds but ban_allowurl only takes urls?
The latest luci app doesn't show the Save, Apply, etc Buttons for me.
In which file is the country to url mapping stored?
So I can take the needed values from there...
This will only work if the default firewall input policy is drop/reject?
And let's assume country X is on the allow list but some other ban feeds have IPs from country X included, doesn't this approach overwrite the other feeds and allow everything from country X?
But the entire approach I'm trying to do does not work.
To make it somewhat work I have to enable "allowlist only mode" but this will disable all other ban feeds and doesn't apply them on top of the allow list.
I want to only allow country X and also have other ban feeds still block IPs even from country X if there are IPs in the other feeds.
So basically block all IP not from Country X but also block maybe suspicious IP from Country X too.
AllowList contains IPs from country X.
idk what the best way would be to implement something like this.
Maybe some sort of "inverse" flag for certain feeds and move them to the top of the chain? ban_feed_inverse?
i asked because i dont want to go any further with that since i dont have clue about firewalling or routing, just want to keep it working.
is that correct now?