How to block IPs and domains?

1. Is it possible to "Policy-Based Routing" for this ? "Policy-Based Routing" has " Custom User Files" that can route IPs and Domains.

banip package for IPs, adblock package for domains.

"Policy-Based Routing" can do it ?

sounds like routing, not banning/stopping traffic, but you can probably redirect it somewhere, where no one will answer it.

Can "traffic rules" do it?

are you randomly name dropping features, while surfing the UI ?

it can, but it's going to be cumbersome, if there's a lot of IPs ...

what's wrong with BanIP ?

How to do it with IPset ?

BanIP uses IPSet.

if you want to skip banip, google ipset, it's a *nix feature, not openwrt specific.

what do you want block ? ip of what ? by traffic rules is possible

IP blocklist of bad IPs, Sites and Countries.

like this for example ? i block my server of game

Screenshot_2022-12-28-16-07-49-354_com.android.chrome1080×2400 229 KB

replace ps5 by br-lan

Is there a script for it ? you did it manually

• Configuration file
  • /etc/config/firewall
• Service script
  • /etc/init.d/firewall

The image provided uses the web GUI.

How to create and update traffic rule with IPs from a blocklist or of a country or Website.

Is the list in ipset format (i.e only containing IPs/CIDR ranges)?

yes you can configurate directly in /etc/config/firewall

@RSHARM

Theoretically, yes, practically it's far from being the best tool for this job. I'd recommend simple-adblock, it's a lightweight and fast package and it's easy to block domains and/or point it to a custom file with domains you want to block.