The service got restarted but it's not processing or loading any feeds. It's not even showing other logs. It should show something like this.
Are you sure that's the full log?
Did you configure it via LuCi? It looks like you are missing a lot of config options.
Did you configure it via LuCi?
Yes
Please post full log to help us help you.
You have VPN setup? This config seems wrong, you have 'wan' as your ban trigger but you have a different device ('Wireguard').
Try to disable Auto Detection, and configure the newly shown fields base on your setup.
You have VPN setup? This config seems wrong, you have
'wan'as your ban trigger but you have a different device ('Wireguard').
Yes
disabling Auto Detection shows new fields what to put in these ?
What different new field - can you tell us or use an arrow in your picture?
The screenshot does not clearly explain.
(It could make things easier for others to assist if you use complete, full sentences to describe your issue clearly and in detail.)
OK - your choice to edit again has officially confused me. Hopefully someone else can understand and provide assistance.
If you're asking how to configure your device after disabling auto detect - I would also ensure that the PBR, DNS and VPN configs you've made (and not noted here) are also working first.
I understand and read that message from AcidSlide already. What I don't understand is why you wouldn't know the setting you need - if you disabled Auto Detection.
I also see this:
You can't expect folks to guess your network config or know you made configs elsewhere that can affect banIP. You have to tell them.
So as I noted, I asked was this working and if the default config worked (
I meant a config without VPN and PBR - and perhaps the DNS changes you've made in other threads). If it does, we'll be assured that your issue is network config related and not banIP.
Hi there,
I'm looking for some help with BanIP. It's great, and have found it extremely useful for blocking unwanted outbound connections / phoning home / trackers, etc. So, thank you very much.
I've been using BanIP (v0.9.0-1) for around 5 months now and it appears to have been working fine. Although, I have wondered if it is loading all the feeds because as I watch the OpenWRT (v22.03.4) status page after enabling BanIP, it appears to eat up the RAM until there's nothing left, but then after awhile seems to "free up" the RAM, since RAM usage drops back down to normal and BanIP works fine. BanIP then appears to run fine and I can then see blocked IPs in the logs.
Then I recently came across the BanIP documentation at https://github.com/openwrt/packages/blob/master/net/banip/files/README.md, specifically the section titled "tweaks for low memory systems".
So I tried making those tweaks.
I plugged in a 16GB USB thumbdrive (formatted for F2FS, as OpenWRT suggests for SSD drives and thumb drives) to my router (TP-Link Archer C7 V2) and set up a mount point for BanIP to write to.
I changed the settings the BanIP docs suggested, such as "Base Directory", "Backup Directory", and "Report Directory" to point to the thumbdrive, set the "Set Split Size" setting to be 1024, and unchecked the "Report Elements" box. I've verified that BanIP/OpenWRT can write to the thumbdrive okay and I see the files being written there - I have separate subdirectories for "backups" and "reports" and can see the relevant files being written into those, as well.
But this is what happens: When I restart the router BanIP loads the feeds for around 30 minutes but then the router reboots itself for some reason. I'm guessing it is crashing due to being out of memory. If I watch the OpenWRT status page, the RAM gets used up more and more until it is eventually all gone and that is when OpenWRT reboots. I've tried this about 5-6 times now, with a few different settings each time, but all with the same result. For example, I've tried reducing the Split Size and Max Open Files to 512 and even set Split Size to 256, but it doesn't help.
Is there another setting that I can adjust that might stop this from happening?
As I mentioned earlier, if I don't use the thumbdrive and leave the above settings at default, BanIP seems to work fine, but I just don't know if all the feeds get loaded.
For BanIP to work properly, does it store all the feeds in RAM? Or is the RAM only used when initially loading the feeds and the feeds are actually stored somewhere else during regular BanIP operation?
Thanks.
Please help!
Based on your routers device memory, it is not really supported (or recommended) by BanIP. Please check the Prerequisites in the documentation.
BanIP "might" still work on your device but you need to select/limit the number of feeds that you enable to at least 1 or 2 small to medium sized feeds.
Ah, ok, thanks.
Do you or anyone else happen to know if BanIP stores the feeds in memory or does it read them off the disk (from those .gz files) when it is operating?
Also, is there any way to tell how much memory certain feeds will end up taking? That is to say, if I want to select 8 feeds, can I see which ones are larger / smaller and how much estimated RAM they will end up taking? That could help me make better decisions about which feeds to select.
No, BanIP doesn't store the feeds in memory indefinitely and doesn't run forever. It is only triggered by the Restart/Start/Reload functions then ends once its done setting up the Firewall Rules (FW4). Although the script does need memory to load and process the feeds.
How much free memory does your device have?
Around 30-40mb free memory right now (with BanIP feeds already loaded last night).
Is there any way to tell how much memory certain feeds will end up taking before running the BanIP feed loader?
By the way, I disabled all the "tweaks" from the docs that I did and rebooted and everything seems to be fine, like before. Why would that be? I thought the tweaks would help.
[Question] WAN-Input Chain vs WAN-Forward chain vs LAN-Forward Chain
I just keep it blank (default) on my setup. But see below for reference.
WAN-Input - Inbound traffic from the WAN side
LAN-Forward - Outbound traffic from LAN
WAN-Forward - Outbound traffic from WAN
Are you saying from SWCONFIG to DSA change?
Also, how can I tell for sure which feeds got successfully loaded into BanIP?
Any ideas?
Please help!
Hi there, I'm trying to add this DNS/DoH blacklist to BanIP (https://public-dns.info/nameservers-all.txt). It is from https://public-dns.info. I'm already using the dohv4 feed that comes with BanIP, and it works fine, but I'd like to add this one, as well.
I tried adding it through the Edit Custom Feeds tab. I'm able to add it okay, but the blacklist doesn't seem to block anything. I'm unclear about the "Rulev4" field when adding a feed. What should I put in there? It looks like a regular expression. For now I've copied and pasted what was in the included dohv4 feed.
To test if this newly added feed is working, I just pick a few IPs from that list at random, try accessing them in my browser, and then check the BanIP/system log to see if it gets blocked or not. So far they're not getting blocked. If I do this same test with the IPs from the dohv4 feed included with BanIP, they are blocked, as expected.
How can I get this to work?
Hi,
in the "edit blacklist" section now I see a series of ip blocked presumably by ban ip, I assume based on the list of feeds used but there is a problem. This list grows every time banip reloads to the point of being so large that it can no longer be saved and it is necessary to manually delete the list. I would have expected this list to automatically delete itself after a set time but it doesn't. Please see attached image. Thank you.
