My wife raised that she could not reach a NZ web site, miwoollies.com, with whom we have dealt occasionally over many years. I found I could, then realised I was still on the VPN so obviously Qfeeds was stopping her, which proved true. The address in question is 192.200.160.14 which threat lookup shows to be Bigcommerce Inc. This is the same site, different IP, I raised a few days ago when she was trying to reach the Australian luxury goods site Oroton, although the problem was less important then. The relevant list is James Brine Bruteforce IPs feed
As we discussed before, bigcommerce is used by both legitimate and non-legitimate players. Is the solution to whitelist selected IPs as they arise, in floating rules? If I install a VPN on her machine she will probably wind up leaving it on, bypassing Qfeeds. Is the bigcommerce listing open to refinement?
We've reviewed the Bigcommerce IPs and for now removed them from our list for now. Thank you for pointing it out and sorry for the inconvenience! You can force to pull the new list by hitting Apply in the plugin.
Quote from: passeri on November 14, 2025, 12:57:25 AMIf I install a VPN on her machine she will probably wind up leaving it on, bypassing Qfeeds
I thought Qfeeds would filter the VPN (if you added within the floating rule) the interface list that currently has WAN?
Quote from: vk2him on November 15, 2025, 02:42:42 AMQuote from: passeri on November 14, 2025, 12:57:25 AMIf I install a VPN on her machine she will probably wind up leaving it on, bypassing Qfeeds
I thought Qfeeds would filter the VPN if you added it to the interface list that currently has WAN?
This is most likely a possibility but only in 2 cases:
1. If that VPN IP is on the IoC
2. Depending how you implemented the rules
Regards,
S.
Quote from: vk2him on November 15, 2025, 02:42:42 AMI thought Qfeeds would filter the VPN (if you added within the floating rule) the interface list that currently has WAN?
I have set up daily Time Machine backups for her to the NAS. These will fail silently while she is on an external VPN.
@Qfeeds Thank you. Possible festive presents are being contemplated once more, without intervention by me. :-)
I just tested with Wireguard and it does block if you add the Wireguard interface into the two Qfeeds floating rules:
It blocked a known malicious IP on my LAN and Wireguard interfaces:
Quote from: vk2him on November 15, 2025, 03:24:31 AMI just tested with Wireguard and it does block if you add the Wireguard interface into the two Qfeeds floating rules:
It blocked a known malicious IP on my LAN and Wireguard interfaces:
I think we are talking about different things. If I am out and using my VPN server at home, the Wireguard interface is in Qfeeds and traffic is normal from its point of view. If I am at home and using a VPN provider so it is not my home address, Qfeeds sees only an encrypted stream to my VPN provider. It is the latter case I was discussing.