WORLD MAP for developer OpenWrt idea

hello if my post is not adequat i delete, I am looking for a developer to create a map of the world in luci, a map that we could install in statistic or netdata, and see the ips that we block by example in traffic rules do you think this is possible, example I block 10 ip addresses and I see which ones are blocked in the map of luci statitics in real time,

thanks for all work everybody

1 Like

You're likely to have more luck, if you give some ballpark figure of how much you're willing to pay.

1 Like

Was a great game back in the day.

1 Like

GeoIP can be inaccurate, and you would be unable to do it locally on many of the OpenWrt devices supported due to storage constraints. (Maxmind would either not fit or take up the vast majority of the small storage.)

I note that crowdsec adds geoip lookup results to their event metadata, but they do it locally (with the same storage space concerns, theirs is >60mb I believe, in addition to the base package being >15).

Another option would be some of the free apis, assuming you can stay within their request limits.
Something to consider before throwing money at it. (Assuming you even find anyone willing to write it)

2 Likes

this could work, but have to be modified so the IP extraction isn't done from fail2ban.

ipinfo.io can be used for the GeoIP lookup, their free account allows 50k queries/mo.

3 Likes

This! GeoIP will be inaccurate. The question is what is the consequence of false localization... in the intended use-case "eye-candy" not being 100% correct is probably acceptable, but this also means that use-case might not be worth dozens of MB?

2 Likes

^--- Truth.

Microsoft ran into issues when they re-allocated an IP range that had previously been assigned to Brazil to their Azure infrastructure. Suddenly, servers were being reported as being to/from Brazil, and you can imagine the hell-scape that followed.

https://social.msdn.microsoft.com/Forums/en-US/8f1a1285-cd9d-4231-94a5-eef4fc0ca46e/bingcom-thinks-my-azure-vm-is-in-brazil?forum=WAVirtualMachinesforWindows

1 Like
config rule
	option name 'block all ip'
	option target 'REJECT'
	option src 'lan'
	list src_ip '192.168.2.160'
	option dest 'wan'
	list proto 'all'
	list dest_ip '24.105.0.0/18'
	list dest_ip '108.61.97.0/24'

yes for the moment I block these ips this way and it works very well, it's magnificent,

an automation would be of ip would be a plus when I capture with wireshark when connecting to a game there is marked online connection service and I see that about 20 servers are pinging each other,

I have my method to group them and then classify them and it works but it's a long job,

Like you see the server is grey so his not accessible

I left just server good for me

i'm use firewall nftables now with my belkin and before i use banip with withelist example

i authorize only server who interested by my network

banip
   # added on 21.03.2022 03:01:23
192.168.2.160   ## ip ps5 
185.34.106.0/24 ## serveur authentification IE
24.105.54.0/24 ip range only for my server 

the search is more long but when he found the server is good

i contribute like i can for development openwrt

:wink:

Capture d’écran 2022-06-17 à 01.26.00

Especially popular with the ladies.

OpenWrt guy with OpenWrt t-shirt:

Just so you know that if you come round for coffee I have an OpenWrt router with multiple access points set up to use 802.11r fast transition, your data is encrypted via WireGuard VPN, DNS lookups are encrypted too, of course, and latency is managed through smart queue management. It's just wonderful!

Girl:

Oh, I love a man that has his networking affairs in such good order.

1 Like

Eh, a pfSense shirt would work better on me.

1 Like