For the country feed to work you need at least two config entries:
list ban_feed 'country' # enable the country feed
[...]
list ban_country 'cn' # one or multiple countries you want to block
list ban_country 'ru'
list ban_blockingress 'country' # optional/useful: block only incoming connections (not outgoing)
The trigger option has nothing todo with feeds. That's the startup trigger interface for banIP to begin processing ...
thanks for the response i have this outpout so is good
is active i have seen processing too sometimes
root@OpenWrt1er-router:~# /etc/init.d/banip status
::: banIP runtime information
+ status : active ## also see processing
+ version : 0.8.0pre3-1
+ element_count : 174239
I'm not sure if this what your are looking for.
In luci->backup flash FW-> Configuration tab, we can make a list of files that we want to survive sysupgrade.
For example:
I have a script called installpkgs.sh, that will install all the packages I want.
So I add /root/installpkgs.sh to backup_flash_FW config tab, so my script isn't deleted.
So far pre3 is running pretty optimal. I noticed inside banip config option ban_nftpriority '-300' with # nft table priority (default is raw table priority (before fw4!)) is -300 the most optimal place to prioritize traffic at? I am noticing performance gains with -500 priority.
@dibdot pre3 fails to install for me because I'm using staging not 22.03.01 and it barfs on the kernel version.
It's not a major issue as I can rebuild a new staging version, but I was wondering if you can set a lower kernel version that is acceptable to banip and use ">=" rather then "=" in the version check.
I've never built an opkg package so I've no idea if such a thing is possible
Well from what I can tell at -300 priority, it seems it is more computational processing packets. I have majority of the lists loaded into sets. +500000 ips. Network throughput seems more crippled at -300 priority. When i put it at -500, i see less throughput delays. Probably has to do with cpu cycles and processing packets. Nothing major, just something possibly worth while testing further.
@dibdot Installed pre3 last night and woke up to an Asterisk log filled with these failure lines which haven't been picked up by banip. The log is at 1Gb after 8 hours with a single rogue IP!
@dibdot Now that the log has calmed down (I added the offending IP address to the voipbl.org site), I can see that the other failures appear to be working so I've no idea why this particular line should be failing. It was one particular IP that never got added to the ban list despite 000,000's of entries in the log (IP was 46.8.210.88)
Also is it possible to get a log of the IPs you ban in real time so that they can added to voipbl.org for the benefit of all?
Please send me your banip config and a real world log file excerpt with the offending IP to my maintainers address (dev@brenken.org). I'll try to reproduce that ...
My bad. I didn't have the correct asterisk regex line in my config. I'm amazed, and happy, that banip caught as many malicious ip's as it did without it.
I am playing around a bit with the 'ban_splitsize' option. In the process, an error message has appeared in the syslog:
'...user.info banIP-0.8.0pre3-1[4324]: failed to add split file '2' to countryv4 set'
'...user.info banIP-0.8.0pre3-1[4324]: failed to add split file '3' to countryv4 set'
What could be the reason for this?
I have a Netgear R7800 router with 512MB RAM, but would like to use some larger lists. This worked in the 'old' version without any problems.
Has anyone had experience with which splisize still works well with which RAM size?
With this it seems to work now (even without OOM). However, I believe that this is rather due to the 'filelimit' value.
5000 splitsize and 1 core I had tried before. But the error messages occurred.
I have looked into the created tmp directory when re-importing. But there were never more than 400 files created before.
A big disadvantage is now of course that the new import instead of a few minutes now partly takes 30 minutes.
But hey, it works!