How to block ru crap?


I need to hard block (not just by TLD) ru crap. At all. Preferably by IP ranges and TLD both.

Like this:

At least it's not possible to block that many addresses using the built-in firewall. It will cause the error:

uci: Parse error (too many arguments) at line 8563, byte 2372

Also, BanIP is too heavy for me (RAM) maybe there is another variant?

NOT input, I mean visiting ru crappy websites!

an ipset ?

or resolve all ru sites with in dnsmasq?

How can one do it with ipsets? I have no clue.

Well, banip is one option, unless it kills your router.

Dnsmasq is just one line in the config.

Install banIP service - luci-app-banip and enable:
Blocklist feed > country
In countries, select Russian Federation (ripe)


Error by ipset. Via dnsmasq not checked. Any instructions?

What do you mean?

I don’t have replacement, and it is hardly critical one (used for home raspberry pi servers too)

Is there anything less heavy like “light” version?

Or is there any way to make .ru inaccessible?

Read - how could I setup such hostnames with OpenWRT? - #14 by pavelgl

The address=, use /ru/

You tell me, you said it was a no go.

1 Like

This will block all domains that finishes on .ru, right?

For example:

All of them?

I didn’t. Just said that it is too heavy for RAM

Try it ?

Isn't that a no go ?

How to add rule? Is there any way to add it from LuCi?

This is TLD rule, right? I can use similar ones to block .su for example?


Can I somehow add additional HOSTS files to dnsmasq that located on SD card?

In following syntax:

Exactly on SD card!

I am new to OpenWRT, so please don’t be strict :slight_smile:

As written in the linked post?

Yes, you should.


Like this:

Any guidance?

That's not what the post say.

Depends, are you going to type them in ?

Like this:

As file (hosts.txt) on folder /custom/hosts.txt on SD card

And like this:


In any way. It is two separate questions :slight_smile:

What do you mean by that? Which router are we talking about? RAM/CPU?

OK, current banIP is not available for such ancient OpenWrt version.

Did you notice @powtrix's post?

23.05.3 is available for that router.

22.03.6 went EOL in April.