OPNsense Forum

English Forums => General Discussion => Topic started by: Mikheil on July 13, 2023, 07:24:49 PM

Title: Permissions and owner to host a list of IP Addresses to block.
Post by: Mikheil on July 13, 2023, 07:24:49 PM
I've got a bunch of IP addresses that I want to block. As far as I can work out, I create an Alias --> URL Table IPs and put in the path to the https URL where they are kept.

I have a Rocky 8.6 server and an Apache webserver. I tried creating a folder and putting the list of IPs into it as a text file (IP on separate lines), but it doesn't work.

Apache is the owner and I set the permissions to 644, but it doesn't read anything.

What am I doing wrong?
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Patrick M. Hausen on July 13, 2023, 08:18:08 PM
What happens when you put the URL (I assume it's something like http://<ip-address>/path/to/blocklist.txt) into the address field of your web browser?
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Mikheil on July 13, 2023, 09:26:33 PM
I see the full list of IP addresses, but for some reason, OPNsense ain't reading them.

That's the problem; it seems OPNsense doesn't have permissions, maybe.
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Patrick M. Hausen on July 13, 2023, 09:42:12 PM
HTTP request is HTTP request. What do you see in your web server logs? Is a simple list of IP addresses really the required format?
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Mikheil on July 14, 2023, 12:22:49 AM
It's the same format as this:
https://github.com/SilvrrGIT/IP-Lists/blob/master/shodan but I don't have any comments, just the IPs and that works fine.

I even copied the list and re-created it on my server and it simply didn't work any longer. Is it the owner (apache)? I even tried chmod 777 and that didn't work either so it can't be permissions.
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: iammike on July 14, 2023, 12:48:25 AM
This is how I set it up. Maybe it helps.

PS: Not my server ;)


},
  "aliases": {
    "alias": {
      "xxxxxxxxxxxxxx": {
        "enabled": "1",
        "name": "IP_PublicDNS",
        "type": "urltable",
        "proto": "",
        "interface": "",
        "counters": "0",
        "updatefreq": "5",
        "content": " http://public-dns.info/nameservers-all.txt",
        "categories": "",
        "description": "Public DNS Server List"
      },
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Mikheil on July 14, 2023, 11:05:30 AM
I'm not blocking URLs, only IP addresses of idiots and script kiddies that are annoying.

I tried it on my hosting server in Canada and it works fine, but not on the server in my office!

Baffling!
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: cookiemonster on July 14, 2023, 11:15:45 AM
Maybe if not using an IP for the URL, then the local name is not resolving? Have you tried using the local IP if it is local?
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Mikheil on July 14, 2023, 02:09:37 PM
That's the crazy thing. If I type the URL into my browser, it displays the contents perfectly. Ergo, it SHOULD be available to OPNsense, but it isn't.

I have a phpBB forum and there's a folder in there with pictures that are displayed to users. This works perfectly. I copied the list of IP addresses to that folder with the pictures.

Despite the fact that a user in Canada can view them and the IP list as well, OPNsense ignores the file.

It's got to be something stupid that I'm doing, but what?
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: Patrick M. Hausen on July 14, 2023, 02:14:35 PM
What is the URL please? IP address or DNS name? Possibly OPNsense itself cannot resolve the host name?
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: CJ on July 14, 2023, 03:02:17 PM
Quote from: Mikheil on July 14, 2023, 11:05:30 AM
I'm not blocking URLs, only IP addresses of idiots and script kiddies that are annoying.

I tried it on my hosting server in Canada and it works fine, but not on the server in my office!

Baffling!

The example above is just IPs.  I'd wager that your Type is wrong.  Change it to URLTable (IPs) and your alias should work.
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: cookiemonster on July 14, 2023, 03:22:48 PM
CJRoss, I thought the same at first, but his first post says he has the right type already: "URL Table IPs".
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: iammike on July 15, 2023, 08:16:27 AM
Quote from: Mikheil on July 14, 2023, 11:05:30 AM
I'm not blocking URLs, only IP addresses of idiots and script kiddies that are annoying.

I tried it on my hosting server in Canada and it works fine, but not on the server in my office!

Baffling!

???

Have you seen the contents of that file that I posted? Those are NOT URLs but IPs of all public DNS servers that I am blocking to get around DoH.
Title: Re: Permissions and owner to host a list of IP Addresses to block.
Post by: iammike on July 15, 2023, 08:25:50 AM
Post the content of your Alias file.

You can download it to your PC via Firewall - Aliases and then Download file.

It downloads to your PC as aliases.json.
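
Added example, not part of any post in this thread: a small offline check over an exported aliases.json that flags the points the replies raise (alias type, whether the URL uses a DNS name the firewall itself must resolve, stray whitespace in the URL, disabled entries). It assumes the layout of the excerpt posted above and one URL per alias; the sample data, the `uuid-*` keys and the `files.office.example` host are constructed.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample, shaped like the aliases.json excerpt posted in the thread.
SAMPLE = json.loads("""
{"aliases": {"alias": {
  "uuid-1": {"enabled": "1", "name": "IP_PublicDNS", "type": "urltable",
             "content": " http://public-dns.info/nameservers-all.txt"},
  "uuid-2": {"enabled": "1", "name": "Office_Block", "type": "urltable",
             "content": "https://files.office.example/blocklist.txt"},
  "uuid-3": {"enabled": "0", "name": "Lab_Block", "type": "urltable",
             "content": "http://192.0.2.10/blocklist.txt"}
}}}
""")


def lint_url_aliases(export):
    """Return {alias name: [findings]} for every urltable alias in the export."""
    report = {}
    for entry in export.get("aliases", {}).get("alias", {}).values():
        if entry.get("type") != "urltable":
            continue
        findings = []
        raw = entry.get("content", "")
        if raw != raw.strip():
            findings.append("whitespace around URL")
        url = urlsplit(raw.strip())
        if url.scheme not in ("http", "https"):
            findings.append("scheme is not http/https")
        host = url.hostname or ""
        try:
            ipaddress.ip_address(host)
        except ValueError:
            # A DNS name must resolve from the firewall itself, not just a PC.
            findings.append(f"firewall must resolve '{host}'")
        if entry.get("enabled") != "1":
            findings.append("alias is disabled")
        report[entry.get("name", "?")] = findings
    return report


if __name__ == "__main__":
    for name, findings in lint_url_aliases(SAMPLE).items():
        print(name, "->", findings or ["no findings"])
```

To run it against a real export, load the downloaded file with `json.load` and pass the result to `lint_url_aliases`.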