External Block Lists - Firehol

Started by gauthig, March 03, 2022, 05:00:21 PM

March 03, 2022, 05:00:21 PM Last Edit: March 03, 2022, 05:05:04 PM by gauthig
Besides IPS, having a quick and very current block list of current events like Firehol is great.   

But, I was testing a setup I did a long time ago and noticed the Networks in Firehol (1,2,3) do not seem to get applied in the ruleset.
   

For example, I take any of the single IPs in the current Firehol2 and see it is blocked while monitoring the rules for my label.

When I take an IP from a subnet in the list (x.x.x.x/24), it does not block it. It seems that anything with network notation is not loaded.

I tried both URL IP(s) and URL Table IP(s).

I turned on statistics and went into the alias table. I see the networks listed, i.e. x.x.x.x/24, but even though I curl, http, ping an IP in that network range, the counts do not increase. But any single IP in the list without a / mask works fine and the counters increase.
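
An added example, not part of the original post: a way to confirm offline which list entry should cover a test address before comparing against the alias counters. The sample list (RFC 5737 documentation addresses) and the function names `parse_netset` and `match_entry` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in netset layout: '#' comments, bare IPs, CIDR networks.
# Addresses are from the RFC 5737 documentation ranges, not from a real list.
SAMPLE_NETSET = """\
# firehol_level2 (constructed sample)
192.0.2.15
198.51.100.0/24
203.0.113.64/26   # inline comment
203.0.113.7
"""

def parse_netset(text):
    """Split netset text into single-host entries and network entries."""
    hosts, networks = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        net = ipaddress.ip_network(line, strict=False)
        if net.num_addresses == 1:
            hosts.add(net.network_address)    # bare IP or /32
        else:
            networks.append(net)              # entry with a shorter mask
    return hosts, networks

def match_entry(ip, hosts, networks):
    """Return the list entry that covers ip, or None if nothing does."""
    addr = ipaddress.ip_address(ip)
    if addr in hosts:
        return str(addr)
    covering = [n for n in networks if addr in n]
    if not covering:
        return None
    # Report the most specific network when several overlap.
    return str(max(covering, key=lambda n: n.prefixlen))

if __name__ == "__main__":
    hosts, networks = parse_netset(SAMPLE_NETSET)
    for test_ip in ("192.0.2.15", "198.51.100.77", "203.0.113.200"):
        entry = match_entry(test_ip, hosts, networks)
        kind = "network" if entry and "/" in entry else "host"
        print(test_ip, "->", f"{entry} ({kind} entry)" if entry else "not listed")
```

An address reported as covered by a network entry is one the firewall rule should match, so a counter that stays flat for it points at how the alias was loaded rather than at the list.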

Can't recommend firehol - it often blocks GitHub addresses (false positives).