a new script based package called "banIP" to block
incoming & outgoing ip adresses/subnets via ipset.
Features:
* a shell script which uses ipset and iptables
to ban a large number of IP addresses
published in various IP blacklists (bogon, firehol etc.)
* support blocking by ASN numbers
* support blocking by iso country codes
* support local white & blacklist (IPv4, IPv6 & CIDR notation)
* auto-add unsuccessful ssh login attempts to local blacklist
* auto-add the uplink subnet to local whitelist
* per source configuration of SRC (incoming) and DST (outgoing)
* supports IPv4 & IPv6
Strong LuCI support:
* easy interface to track & change all aspects of your ipset
configuration on the fly
* integrated IPSet-Lookup
* integrated RIPE-Lookup
* Log-Viewer & online configuration of white- & blacklist
LuCI-Screenshots will follow in the second post.
Forum discussion:
https://forum.openwrt.org/t/banip-new-project-needs-testers-feedback/16985
Signed-off-by: Dirk Brenken <dev@brenken.org>
* "zero-conf" installation & setup, usually no manual config changes
required (i.e. ip address, network devices etc.)
* full IPv4 and IPv6 support
* new adblock list source (malwaredomainlist.com)
* adblock related statistics will be done by iptables
* removed curl dependency
* for IPv6 support you need 'kmod-ipt-nat6'
* fix Chaos Calmer compability
* various small changes & fixes
* updated documentation
* updated maintainer email address
Signed-off-by: Dirk Brenken <dirk@brenken.org>
* add uci support
* add dynamic uhttpd instance support
(no longer rely on uhttpd config changes)
* package reordering
* plus various fixes
Signed-off-by: Dirk Brenken <dirk@brenken.org>
Dirk Brenken
Dirk Brenken