IP-Blocklist
-
Version 2.1 released
Fixed pfsense BETA 2 package for x86 and x64. Now runs on all versions of pfsense.
Fixed (wlists.txt) not found error.
Fixed rare cases of the package not working with large firewall configurations. Thank you netritious!
-
When the script checks to see if it is running it only verifies that the firewall entry has been made. The package does not verify the format of your lists, if there are errors in the lists then it silently ignores them.
countryipblocks.net format does not work. Use the country block package.
To verify your lists are applied cat /usr/local/www/packages/ipblocklist/lists/ipfw.ipfw and see if your IPs are in there.
Always use the domain:x.x.x.x-x.x.x.x format.
If I were to save a .gz file on a www server in the format name:x.x.x.x-x.x.x.x and then occasionally updated the .gz in Notepad with IPs I'd like to block, would I need to re-commit / re-add the .gz to IP-Blocklist or is the list auto updated via the www link?
-
If I were to save a .gz file on a www server in the format name:x.x.x.x-x.x.x.x and then occasionally updated the .gz in Notepad with IPs I'd like to block, would I need to re-commit / re-add the .gz to IP-Blocklist or is the list auto updated via the www link?
To get the updated .gz on the pfsense box all you would have to do is click "Save/Update". That will re-download the .gz file and re-process it.
-
To get the updated .gz on the pfsense box all you would have to do is click "Save/Update". That will re-download the .gz file and re-process it.
Would it make sense, in possibly a future version, to make it where maybe a .gz link can be set to auto update during a certain time frame, i.e. once a day. My thoughts is to have the .gz file reside on my server and when a spam email comes in I can get the IP address out of the header and simply add it to the .gz file without having to log into pfsense. Just a thought.
-
To get the updated .gz on the pfsense box all you would have to do is click "Save/Update". That will re-download the .gz file and re-process it.
Would it make sense, in possibly a future version, to make it where maybe a .gz link can be set to auto update during a certain time frame, i.e. once a day. My thoughts is to have the .gz file reside on my server and when a spam email comes in I can get the IP address out of the header and simply add it to the .gz file without having to log into pfsense. Just a thought.
The idea has been passed around on this topic here and there. A cron job would do the same thing. Just run /usr/local/etc/rc.d/IP-Blocklist.sh as often as you like.
-
The idea has been passed around on this topic here and there. A cron job would do the same thing. Just run /usr/local/etc/rc.d/IP-Blocklist.sh as often as you like.
I guess I'm not familiar enough to do this. Am I running the .sh file within pfsense to reload the .gz file or is this a command I can set in a .bat file to have pfsense do? Making it easier with fewer steps is a nice goal. If a guy can simply edit the .gz then ideally that would be nice. I can do this with my email server - edit the .dat file and no reloading is necessary. Either way though, this and your country package are awesome and the main reasons I finally switched to pfsense. Thank you.
-
The idea has been passed around on this topic here and there. A cron job would do the same thing. Just run /usr/local/etc/rc.d/IP-Blocklist.sh as often as you like.
I guess I'm not familiar enough to do this. Am I running the .sh file within pfsense to reload the .gz file or is this a command I can set in a .bat file to have pfsense do? Making it easier with fewer steps is a nice goal. If a guy can simply edit the .gz then ideally that would be nice. I can do this with my email server - edit the .dat file and no reloading is necessary. Either way though, this and your country package are awesome and the main reasons I finally switched to pfsense. Thank you.
You won't have any benefit with editing the .gz on the pfsense box since this is replaced with the url version every update. Editing the config or settings do not take effect until you click "Save/Update" hence the title of the button. What I suggest is to create a cron job and run IP-Blocklist.sh every hour or even every minute if you like. And just update the url .gz version. This solution only includes 2 steps so I think this is your better and simplest option.
-
You won't have any benefit with editing the .gz on the pfsense box since this is replaced with the url version every update. Editing the config or settings do not take effect until you click "Save/Update" hence the title of the button. What I suggest is to create a cron job and run IP-Blocklist.sh every hour or even every minute if you like. And just update the url .gz version. This solution only includes 2 steps so I think this is your better and simplest option.
Well I installed cron and did some research. I did the following:
minute: 0
hour: 1
mday: *
month: *
wday: *
who: root
command: /usr/local/etc/rc.d/IP-Blocklist.shI figure everyday at 1am should be ok. Then whenever I update the .gz file it will update the server.
-
Excellent. That is the best way to do that.
-
Love the addon. Was wondering if it could add an entry to maybe the firewall log when an ip gets blocked.
-
I have plans to add that in the next version. Not sure when that will be but it's on my to-do list.
-
iblocklist.com has released a forum spam list and a web-exploit list.
If you run any type of forum I recommend that you run the forum spam list.
-
ipblocklist version 2.2 released.
Added logging to FW log
changed install process
Added visual for how many networks/IPs are being blocked -
ipblocklist version 2.2 released.
Added logging to FW log
changed install process
Added visual for how many networks/IPs are being blockedJust installed,
but not showing ip addresses blocked, going to look for file locations to see if this is a bug or something else missing. Offhand where are they located?
-
ipblocklist version 2.2 released.
Added logging to FW log
changed install process
Added visual for how many networks/IPs are being blockedJust installed,
but not showing ip addresses blocked, going to look for file locations to see if this is a bug or something else missing. Offhand where are they located?
That is because your list links are wrong. Please read the FAQ on the first post (Q: My list site only give dynamic links to lists…...)
Example:
cr_bogon links to http://list.iblocklist.com/files/cr_bogon.gz
bt_spyware links to http://list11.iblocklist.com/files/bt_spyware.gzYou need to have the true url to the list. Dynamic links which are used for load balancing is not supported. BTW, I wouldn't use the bogon list if I were you. You will lock yourself out of your pfsense box.
-
thank you sir, did the trick. and all that time I thought….... oh well
-
ok cool, blocking ips. But would like to incorporate I-Blocklist subscription list. Not sure what the proper format might be since a username and id are part of the url.
possible?
-
ok cool, blocking ips. But would like to incorporate I-Blocklist subscription list. Not sure what the proper format might be since a username and id are part of the url.
possible?
I'm not really sure. My best guess would be to remove all the links you have and just add the subscription list. See if you get the counter to go up. If so then it works, if not then we can try to think of something else. Let me know, I'm curious.
-
Hi there,
I think there might be an incompatibility between IP Blicklist/Country Block and the HAVP antivirus proxy. Every time I start the blocklist(s) HAVP stops proxying and gives an error for every URL. Also, the control buttons to save settings only work on Firefox, Neither IE or Opera can activate them.
Hope this helps to quash a bug!
-
The IE incompatibility is an issue that I haven't been able to fix yet. Supermule challenged me with fixing it and I was unable to find a fix. If you would like to help, I would appreciate it. The best thing I can say right now is use FF or Chrome, who uses IE or Opera anymore anyway.
I will test with HAVP. Thank you for helping out with the project.
EDIT: Does HAVP break when you have logging enabled in the package?