How to know if your BAN IP configuration is working

*root@OpenWrt:~# . /usr/share/libubox/jshn.sh*

*root@OpenWrt:~# json_init*

*root@OpenWrt:~# json_load_file /etc/banip/banip.custom.feeds 2> /dev/null*

*root@OpenWrt:~# json_add_object "vpn"*

*root@OpenWrt:~# json_add_string "descr" "vpn CIDR"*

*root@OpenWrt:~# json_add_string "url_4" "* [https://raw.githubusercontent.com/\](https://raw.githubusercontent.com//)

*> X4BNet/lists_vpn/main/output/vpn/ipv4.txt"*

*root@OpenWrt:~# json_add_string "rule_4" "/^[^#]/{print \$1\",\"}"*

*root@OpenWrt:~# json_close_object*

*root@OpenWrt:~# json_dump > /etc/banip/banip.custom.feeds*

*root@OpenWrt:~# uci add_list banip.global.ban_feed="vpn"*

*root@OpenWrt:~# uci commit banip*

*root@OpenWrt:~# service banip restart*

ping [89.116.0.1](http://89.116.0.1/) - **this was in the VPN LIST**

Pinging [89.116.0.1](http://89.116.0.1/) with 32 bytes of data:

Reply from 89.116.0.1: bytes=32 time=89ms TTL=52

Reply from 89.116.0.1: bytes=32 time=95ms TTL=52

Reply from 89.116.0.1: bytes=32 time=92ms TTL=52

Reply from 89.116.0.1: bytes=32 time=90ms TTL=52

isn't what the code snippet you blindly copied contained, syntax wise.

im not too sure , it is my first time even getting banip succesfully installed, anyhelp to my question would be apprciated frollic

Which question? Did you check the readme? Did you check the (debug) logs during run? Did you check the banIP status? Why don't you start with one of the default feeds ... said that, it makes much sense to use the custom feed editor in LuCI ...

One way is to look at Status -> Firewall that the rules exist and after some time has passed some have filtered more than 0 B of traffic. Should be some rules in the Traffic filter chain "wan-input" section starting with @, like @blocklistv4 or @firehol1v4. Hover over the match KB/MB number to see the # of packets.

I am.
Your c&p is incorrect, but as @dibdot said, use the webui instead.

That's the same info you got on reddit.

1 Like


seems like no luck. :slight_smile:

Not sure if you're having the same issue but I noticed if I add a custom feed to /etc/banip/banip.custom.feeds then banip ignores /etc/banip/banip.feeds and removes attempts to add those entries with a log entry like remove unknown feed 'oisdbig' Is this the intended behavior? Right now I have to copy /etc/banip/banip.feeds to /etc/banip/banip.custom.feeds then append my additional feeds to that file. @dibdot am I missing something?

Hmm... starting with a fresh install and not adding any custom feeds, I'm still getting issues with just adding two feeds: oisdbig and oisdnsfw:

Mon Jun 10 04:21:26 2024 user.info banIP-1.0.0-r1[1539]: start banIP processing (boot)
Mon Jun 10 04:21:26 2024 user.info banIP-1.0.0-r1[1539]: initialize banIP nftables namespace
Mon Jun 10 04:21:26 2024 user.info banIP-1.0.0-r1[1539]: start banIP download processes
Mon Jun 10 04:21:36 2024 user.info banIP-1.0.0-r1[1539]: skip empty feed 'oisdbigv4'
Mon Jun 10 04:21:36 2024 user.info banIP-1.0.0-r1[1539]: can't add split file '1' to Set 'oisdbigv4'
Mon Jun 10 04:21:38 2024 daemon.err banip-service.sh[1539]: /usr/bin/banip-service.sh: line 232: /usr/bin/logger: Argument list too long
Mon Jun 10 04:21:38 2024 daemon.err banip-service.sh[1539]: /usr/bin/banip-service.sh: line 232: /usr/bin/logger: Argument list too long
Mon Jun 10 04:21:45 2024 user.info banIP-1.0.0-r1[1539]: skip empty feed 'oisdbigv4'
Mon Jun 10 04:21:45 2024 user.info banIP-1.0.0-r1[1539]: can't initialize Set for feed 'oisdbigv4' (rc: 1, log: /tmp/tmp.IDFeFK/tmp.PpbKIK.oisdbigv4.nft:3:103-103: Error: syntax error, unexpected '}'  /tmp/tmp.IDFeFK/tmp.PpbKIK.oisdbigv4.nft:7:8-8: Error: syntax error, unexpected comma, expecting string or last)
Mon Jun 10 04:21:45 2024 user.info banIP-1.0.0-r1[1539]: skip empty feed 'oisdnsfwv4'
Mon Jun 10 04:21:45 2024 user.info banIP-1.0.0-r1[1539]: can't add split file '1' to Set 'oisdnsfwv4'
Mon Jun 10 04:21:59 2024 user.info banIP-1.0.0-r1[1539]: start banIP domain lookup

You're still using your borked custom feeds file. Just clear this file and the default package feed conf will be used (again).
Edit: please use the custom feed editor in LuCI for such actions.

It turns out it was a feed name limitation (15 chars). I was using ImageBuilder (hence no LuCI) and I tried adding the pedophiles list from https://www.iblocklist.com/lists?fileformat=cidr&archiveformat=gz but had named it "iblockpedophiles" (16 chars). Changing it to "iblockpedophile" (15 chars) fixed it.