That is the name of the new feed that I'm trying to add. Why would it be considered "incomplete"? Could it be because I emptied the "Rulev4" field? Or could it be something else?
Out of curiosity, in the Edit Custom Feeds tab, I copied the "Rulev4" field from the doh feed that comes with BanIP into the new feed I added, "doh2", and rebooted, now I see the following in the system log, instead:
Hi, @stevennausak. This "support thread" doesn't appear to provide much actual support for us, so I'll try helping you even though I'm just another user.
In an attempt to debug what's going on, what if you try setting "Auto Allow Uplink" and "Blocklist Set Expiry" back to the defaults of "Please Choose". Then, copy out the contents of the blacklist as a backup if you don't want to lose it, emptying it out, then reboot your device.
Then try selecting one option back at a time to what you have in your screenshot and see if the functionality works correctly with one setting set to your choice, and then the other, by itself. I know "Subnet" says "default" and should work the way you have it, but maybe there's a bug in the code and this procedure might help track it down.
You could also try the above steps and also uncheck "Auto Blocklist", and see if those IPs stop getting automatically added. It would be nice if they had documentation that would properly explain how that feature works, since I've seen IPs get added to my list, but no idea why or how the logic works for that setting. All it says in the docs is "Unsuccessful login attempts or suspicious requests will be tracked and added to the local blocklist (see the ban_autoblocklist option)", but it doesn't say what a "suspicious request" is or how it is calculated to be "suspicious". That might be helpful to know.
After validating, BanIP was downloading the updated IPTHREAT file but somehow some of the old IP's are still maintained in FW4. Doing reload doesn't help but a full restart of banip fixed the issue.
After deleting all the downloaded backup file and doing a restart. From 45K+ Element count it went down to 35K+ count. So it seems the e-tag checking is somehow affecting if to use the backup or download and use a newer file.
I've tried this in 3 different of my routers that uses BANIP and results are the same.
I'd like to block requests to specific IPs, and I'm having trouble doing that.
I've added the IP 18.104.22.168 (it belongs to openwrt.org) to my blocklist /etc/banip/banip.blocklist. BanIP is active according to /etc/init.d/banip status, and I've reloaded the config via /etc/init.d/banip reload.
When I try to run a GET request on the PC connected to my Openwrt router via curl 22.214.171.124
I get a 301 response, not the timeout I was looking for.
Is there anything more I can try? I've read the manual, but I'm up against a wall.
My network hardware configuration looks like this:
Verizon G1100 -> LAN port -> Cat5 -> WAN port -> TP-Link TL-WDR3500 with OpenWRT 22 installed -> LAN port -> Cat5 -> my PC
Delete everything else if that's what you need.
Or just stop banip, and go by cli:
mv /etc/banip/banip.feeds /etc/banip/banip.feeds.old
edit custom feeds: