Home
Help
Search
Login
Register
OPNsense Forum
»
International Forums
»
German - Deutsch
»
IP-Liste blocken
« previous
next »
Print
Pages: [
1
]
Author
Topic: IP-Liste blocken (Read 2251 times)
Gandalf2434
Newbie
Posts: 29
Karma: 0
IP-Liste blocken
«
on:
April 16, 2021, 07:44:15 pm »
Hallo zusammen,
ich würde gerne eine Liste von IP-Adressen blocken. Es handelt sich dabei um folgende Liste:
https://block.energized.pro/extensions/ips/formats/list.txt
Ich habe dazu unter Firewall->Aliases eine URL Table (IPs) angelegt und unter Content die URL zur Liste eingetragen.
Leider wird die Liste aber nicht aktuallisiert. Wenn ich unter Firewall->Diagnostics->pfTables den Alias auswähle ist er leer.
Was mich nur so wundert ist, dass ich das schonmal für eine andere IP-Liste gemacht hatte und das geht.
Liegt es daran, dass in der IP-List Kommentare enthalten sind?
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: IP-Liste blocken
«
Reply #1 on:
April 16, 2021, 08:36:34 pm »
Could be caused by your firewall entries being set too low.
Delete the blocklist alias you added, and then:
Try this:
Goto Firewall - Settings - Advanced - Firewall Maximum Table Entries:
Default size is: 200000 - CHANGE THIS TO 800000 to allow more entries.
Then try add the blocklist again and see if it works.
Logged
Gandalf2434
Newbie
Posts: 29
Karma: 0
Re: IP-Liste blocken
«
Reply #2 on:
April 16, 2021, 09:02:31 pm »
Thanks for your hint. I tried to increase the max table entries. Removed the alias and added it again, but still the same issue. The alias stays empty.
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: IP-Liste blocken
«
Reply #3 on:
April 16, 2021, 09:43:26 pm »
I tried adding this list also.
I receive this error but dont know why:
System Log
2021-04-16T15:41:32 error fetching alias url
https://block.energized.pro/extensions/ips/formats/list.txt
2021-04-16T15:41:32 fetch alias url
https://block.energized.pro/extensions/ips/formats/list.txt
(lines: 155066)
I was able to test adding my own blocklist and this worked fine so must be something in the formatting:
https://raw.githubusercontent.com/pallebone/StrictBlockPAllebone/master/BlockIP.txt
Above has no error.
«
Last Edit: April 16, 2021, 10:03:10 pm by allebone
»
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: IP-Liste blocken
«
Reply #4 on:
April 17, 2021, 03:21:10 am »
Im thinking the list you want to use is not formatted correctly.
Logged
Gandalf2434
Newbie
Posts: 29
Karma: 0
Re: IP-Liste blocken
«
Reply #5 on:
April 17, 2021, 07:40:06 pm »
I left the Alias active and this night it could update the alias. I don't know why it did not work yesterday. But using this list all my internet-traffic is blocked. I think because there are also my private adress-ranges inside the list. Thats not really helpful...
I need to think how to handle this or if I don't use this list. Looks as if the list is not that reliable.
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: IP-Liste blocken
«
Reply #6 on:
April 17, 2021, 10:26:36 pm »
Try my list instead. I dont add any private ranges to the list.
Logged
JeGr
Hero Member
Posts: 1945
Karma: 227
old man standing
Re: IP-Liste blocken
«
Reply #7 on:
April 20, 2021, 04:07:30 pm »
Da wir im Deutschen Bereich sind, schreib ich auch mal so weiter.
@OT: man kann auch IP Bereiche excluden aus solchen Listen. Bspw. ein Alias erzeugen, die Liste mit reinnehmen und den eigenen Bereich oder generell die RFC1918 Bereiche excluden wenn man die raus haben möchte (mit !10.0.0.0/8 bspw.)
Näheres dazu steht auch in der Alias Doku
Cheers
Logged
"It doesn't work!" is no valid error description!
- Don't forget to [applaud] those offering time & brainpower to help you!
Better have some *sense as no(n)sense!
If you're interested in german-speaking business support, feel free to reach out via PM.
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
International Forums
»
German - Deutsch
»
IP-Liste blocken