Yes, I’ve seen…
... because banip (obviously) ships with empty blacklist and allowlist files.
Now I have deleted the banip.allowlist which was renewed after restart …nothing changed…
The IP will be blocked furthermore…
Next step, I will deinstall banip, reboot and reinstall…so help me god…
apk add banip
(1/2) Installing gawk (5.3.2-r1)
Executing gawk-5.3.2-r1.post-install
* add alternative: /usr/bin/awk -> /usr/bin/gawk
(2/2) Installing banip (1.8.5-r2)
Executing banip-1.8.5-r2.post-install
OK: 84.7 MiB in 289 packages
Error:
* /etc/rc.common: /usr/lib/banip-functions.sh: line 1760: can't create /var/run/banIP/banIP_runtime.json: nonexistent directory
But is available:
Ok, banip installed but not startet automatically after reboot…?!
I’m not able to activate nor start banip…
[15.04.2026, 21:35:11 MESZ] user.err: banIP-1.8.5-r2[10658]: banIP is disabled
[15.04.2026, 21:35:20 MESZ] user.err: banIP-1.8.5-r2[11332]: banIP is disabled
[15.04.2026, 21:35:26 MESZ] user.err: banIP-1.8.5-r2[11437]: banIP is disabled
[15.04.2026, 21:35:28 MESZ] user.err: banIP-1.8.5-r2[11541]: banIP is disabled
[15.04.2026, 21:35:32 MESZ] user.err: banIP-1.8.5-r2[11649]: banIP is disabled
I’ll close the chapter:
{ "status": "disabled", "frontend_ver": "", "backend_ver": "1.8.5-r2", "element_count": "0 (chains: 0, sets: 0, rules: 0)", "active_feeds": [ "-" ], "wan_devices": [ "-" ], "wan_interfaces": [ "-", "-" ], "vlan_allow": [ "-" ], "vlan_block": [ "-" ], "active_uplink": [ "-" ], "nft_info": "ver: 1.1.6-r1, priority: -100, policy: memory, loglevel: warn, expiry: -, limit (icmp\/syn\/udp): 25\/10\/100", "run_info": "base: \/tmp, backup: \/tmp\/banIP-backup, report: \/tmp\/banIP-report, error: \/tmp\/banIP-error", "run_flags": "auto: ✔, proto (4\/6): ✘\/✘, bcp38: ✘, log (pre\/in\/out): ✘\/✘\/✘, count: ✘, dedup: ✔, split: ✘, custom feed: ✘, allowed only: ✘, debug: ✘", "last_run": "-", "system_info": "cores: 4, log: logread, fetch: , GL.iNet GL-MT6000, mediatek\/filogic, OpenWrt 25.12.2 (r32802-f505120278)" }
I’m not able to activate or start banip.
Did you "Enable" the service? Please check BanIP Readme regarding installation and usage: https://github.com/openwrt/packages/blob/master/net/banip/files/README.md#installation-and-usage
1 Like
EDIT:
Earlier today, I was getting download errors for (all) the Countryv4 lists.
Oddly I was able to manually download lists from the website, and via testing from the command line with curl. BanIP errored out though.
Several hours later that has resolved. Not sure what the issue was.
1 Like
Did it…see error log:
[15.04.2026, 21:35:11 MESZ] user.err: banIP-1.8.5-r2[10658]: banIP is disabled
[15.04.2026, 21:35:20 MESZ] user.err: banIP-1.8.5-r2[11332]: banIP is disabled
[15.04.2026, 21:35:26 MESZ] user.err: banIP-1.8.5-r2[11437]: banIP is disabled
[15.04.2026, 21:35:28 MESZ] user.err: banIP-1.8.5-r2[11541]: banIP is disabled
[15.04.2026, 21:35:32 MESZ] user.err: banIP-1.8.5-r2[11649]: banIP is disabled
OK, that's a bug - thanks.
Your current config please.
1 Like
I have uninstalled…but I have copied from my comment above:
config banip 'global'
option ban_enabled '1'
option ban_debug '1'
option ban_autodetect '0'
option ban_fetchretry '5'
option ban_nicelimit '-10'
option ban_filelimit '1024'
option ban_deduplicate '1'
option ban_nftpriority '-100'
option ban_icmplimit '25'
option ban_synlimit '10'
option ban_udplimit '100'
option ban_nftpolicy 'performance'
option ban_nftretry '5'
option ban_blockpolicy 'drop'
option ban_nftloglevel 'warn'
option ban_logprerouting '1'
option ban_loginbound '1'
option ban_logoutbound '1'
option ban_loglimit '100'
list ban_region 'AFRINIC'
list ban_region 'APNIC'
list ban_region 'ARIN'
list ban_region 'LACNIC'
list ban_region 'RIPE'
option ban_autoallowlist '1'
option ban_autoallowuplink 'subnet'
option ban_autoblocklist '1'
option ban_allowlistonly '0'
option ban_fetchcmd 'uclient-fetch'
option ban_protov4 '1'
list ban_logterm 'Exit before auth from'
list ban_logterm 'luci: failed login'
list ban_logterm 'AdGuardHome.*\[error\].*/control/login: from ip'
option ban_nftcount '1'
option ban_map '1'
option ban_autoblocksubnet '1'
list ban_dev 'lan2'
list ban_dev 'pppoe-WAN_GF'
list ban_ifv4 'WAN_GF'
list ban_ifv4 'WAN2_5G'
option ban_triggerdelay '150'
option ban_basedir '/mnt/sda1/banIP'
option ban_backupdir '/mnt/sda1/banIP-backup'
option ban_reportdir '/mnt/sda1/banIP-report'
option ban_errordir '/mnt/sda1/banIP-error'
list ban_feedcomplete 'doh'
option ban_countrysplit '1'
option ban_asnsplit '1'
list ban_asn '138699'
list ban_asn '31898'
list ban_asn '749'
list ban_asn '32934'
list ban_asn '396986'
option ban_bcp38 '1'
list ban_feedout 'asn'
list ban_feedout 'becyber'
list ban_feedout 'bogon'
list ban_feedout 'cinsscore'
list ban_feedout 'country'
list ban_feedout 'doh'
list ban_feedout 'drop'
list ban_feedout 'turris'
list ban_feedout 'urlhaus'
list ban_feedin 'becyber'
list ban_feedin 'cinsscore'
list ban_feedin 'doh'
list ban_feedin 'drop'
list ban_feedin 'turris'
list ban_feedin 'urlhaus'
list ban_feed 'asn'
list ban_feed 'becyber'
list ban_feed 'bogon'
list ban_feed 'cinsscore'
list ban_feed 'country'
list ban_feed 'doh'
list ban_feed 'drop'
list ban_feed 'turris'
list ban_feed 'urlhaus'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/us-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/ca-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/de-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/dk-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/fi-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/fr-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/no-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/ch-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/se-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/gb-aggregated.zone'
Just make sure, that this option is set, than you don't get the "disabled" error.
I can’t activate banip so I wasn’t able to enable banip.
…will install again…mom pls.
Clean installation
config banip 'global'
option ban_enabled '1'
option ban_debug '0'
option ban_autodetect '1'
list ban_logterm 'Exit before auth from'
list ban_logterm 'luci: failed login'
option ban_fetchretry '5'
option ban_nicelimit '0'
option ban_filelimit '1024'
option ban_deduplicate '1'
option ban_nftpriority '-100'
option ban_icmplimit '25'
option ban_synlimit '10'
option ban_udplimit '100'
option ban_nftpolicy 'memory'
option ban_nftretry '3'
option ban_blockpolicy 'drop'
option ban_nftloglevel 'warn'
option ban_logprerouting '0'
option ban_loginbound '0'
option ban_logoutbound '0'
option ban_loglimit '100'
option ban_autoallowlist '1'
option ban_autoallowuplink 'subnet'
option ban_autoblocklist '1'
option ban_allowlistonly '0'
Fully prepared
config banip 'global'
option ban_enabled '1'
option ban_debug '1'
option ban_autodetect '0'
option ban_fetchretry '5'
option ban_nicelimit '-10'
option ban_filelimit '1024'
option ban_deduplicate '1'
option ban_nftpriority '-100'
option ban_icmplimit '25'
option ban_synlimit '10'
option ban_udplimit '100'
option ban_nftpolicy 'performance'
option ban_nftretry '3'
option ban_blockpolicy 'drop'
option ban_nftloglevel 'warn'
option ban_logprerouting '1'
option ban_loginbound '1'
option ban_logoutbound '1'
option ban_loglimit '100'
option ban_autoallowlist '1'
option ban_autoallowuplink 'subnet'
option ban_autoblocklist '1'
option ban_allowlistonly '0'
option ban_protov4 '1'
list ban_dev 'lan2'
list ban_dev 'pppoe-WAN_GF'
list ban_ifv4 'WAN_GF'
list ban_ifv4 'WAN2_5G'
option ban_fetchcmd 'uclient-fetch'
option ban_bcp38 '1'
option ban_nftcount '1'
option ban_map '1'
list ban_feedout 'asn'
list ban_feedout 'bogon'
list ban_feedout 'country'
list ban_feedinout 'becyber'
list ban_feedinout 'cinsscore'
list ban_feedinout 'drop'
list ban_feedinout 'turris'
list ban_feedinout 'urlhaus'
list ban_logterm 'Exit before auth from'
list ban_logterm 'luci: failed login'
list ban_logterm 'AdGuardHome.*\[error\].*/control/login: from ip'
list ban_feed 'asn'
list ban_feed 'becyber'
list ban_feed 'bogon'
list ban_feed 'cinsscore'
list ban_feed 'country'
list ban_feed 'drop'
list ban_feed 'turris'
list ban_feed 'urlhaus'
list ban_region 'AFRINIC'
list ban_region 'APNIC'
list ban_region 'ARIN'
list ban_region 'LACNIC'
list ban_region 'RIPE'
option ban_countrysplit '1'
list ban_asn '749'
list ban_asn '31898'
list ban_asn '32934'
list ban_asn '138699'
list ban_asn '396986'
option ban_asnsplit '1'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/ca-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/dk-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/fi-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/de-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/no-aggregated.zone'
list ban_allowurl 'https://www.ipdeny.com/ipblocks/data/aggregated/se-aggregated.zone'
option ban_autoblocksubnet '1'
I can’t update any feeds:
Error log:
[16/04/2026-10:05:26] banIP-[5023]: banIP is disabled
[16/04/2026-10:05:26] banIP-[5102]: banIP is disabled
[16/04/2026-10:06:00] banIP-1.8.5-r2[5378]: banIP is disabled
[16/04/2026-10:06:02] banIP-1.8.5-r2[5480]: banIP is disabled
[16/04/2026-10:06:04] banIP-1.8.5-r2[5582]: banIP is disabled
[16/04/2026-10:06:06] banIP-1.8.5-r2[5681]: banIP is disabled
[16/04/2026-10:06:08] banIP-1.8.5-r2[5788]: banIP is disabled
[16/04/2026-10:06:10] banIP-1.8.5-r2[5887]: banIP is disabled
[16/04/2026-10:06:12] banIP-1.8.5-r2[5989]: banIP is disabled
[16/04/2026-10:06:14] banIP-1.8.5-r2[6091]: banIP is disabled
[16/04/2026-10:06:16] banIP-1.8.5-r2[6189]: banIP is disabled
[16/04/2026-10:06:19] banIP-1.8.5-r2[6295]: banIP is disabled
[16/04/2026-10:06:23] banIP-1.8.5-r2[6401]: banIP is disabled
[16/04/2026-10:06:32] banIP-1.8.5-r2[6519]: banIP is disabled
[16/04/2026-10:06:47] banIP-1.8.5-r2[6642]: banIP is disabled
[16/04/2026-10:06:49] banIP-1.8.5-r2[6744]: banIP is disabled
[16/04/2026-10:06:51] banIP-1.8.5-r2[6842]: banIP is disabled
[16/04/2026-10:06:53] banIP-1.8.5-r2[6949]: banIP service autostart is disabled
[16/04/2026-10:36:10] banIP-1.8.5-r2[12124]: banIP service autostart is disabled
[16/04/2026-10:37:39] banIP-1.8.5-r2[13848]: banIP service autostart is disabled
[16/04/2026-10:37:47] banIP-1.8.5-r2[14416]: banIP service autostart is disabled
[16/04/2026-10:39:14] banIP-1.8.5-r2[17227]: banIP service autostart is disabled
/etc/init.d/banip enable
Did it, works, no error any more
you finally managed to RTFM, good on you!
Ok, my core issue was, I couldn’t add IPany more to the withlist…currently I can’t download country feeds - endet with RC4…let me see…and found a bug…, good for all!
Current issue is, unable to download country lists:
[16.04.2026, 12:02:18 MESZ] user.info: banIP-1.8.5-r2[23952]: download for feed 'country.tm.v4' failed, rc: 4
[16.04.2026, 12:02:18 MESZ] user.debug: banIP-1.8.5-r2[23952]: f_down ::: feed: country.tm.v4, policy: out, complete: -, cnt_dl: -, cnt_set: -, split_size: 0, time: 0, rc: 4
I can request https://www.ipdeny.com/ipblocks/data/aggregated/ and the separat aggregated.zone but can’t download in banip.
I have checked the error log for country.list downloads:
SSL error: SSL - A field in a message was incorrect or inconsistent with other fields
Connection error: Connection failed
Solution:
option ban_fetchinsecure '1'
…shoud not be…
Report such problems upstream to the site admins - thanks.
banIP 1.8.6 has been released which addressed your issue ...
2 Likes