Show pagesourceOld revisionsBacklinksBack to top × Table of Contents banIP Introduction Command-line instructions Extras Web interface Blocking domains Blocking ASNs Blocking countries Blocking DoH Blocking WhatsApp Blocking Facebook Whitelisting networks Whitelisting clients banIP This article relies on the following: Accessing web interface / command-line interface Managing configs / packages / services / logs Introduction banIP can block services using IP/CIDR lists and by ASN. Command-line instructions Install and enable banIP. # Install packages opkg update opkg install banip # Enable banIP uci set banip.global.ban_enabled="1" uci commit banip /etc/init.d/banip restart Extras Web interface If you want to manage banIP settings using web interface. Install the necessary packages. # Install packages opkg update opkg install luci-app-banip /etc/init.d/rpcd restart Blocking domains Block domains by IP. # Block domains cat << EOF >> /etc/banip/banip.blocklist example.com example.net EOF /etc/init.d/banip restart Blocking ASNs Block Netflix by ASN. # Block Netflix uci add_list banip.global.ban_feed="asn" uci add_list banip.global.ban_asn="2906" uci add_list banip.global.ban_asn="40027" uci commit banip /etc/init.d/banip restart Blocking countries Block countries by GeoIP. # Blocking countries uci add_list banip.global.ban_feed="country" uci add_list banip.global.ban_country="cn" uci add_list banip.global.ban_country="ru" uci commit banip /etc/init.d/banip restart Blocking DoH Block DoH using a built-in list from dibdot/DoH-IP-blocklists. # Block DoH uci add_list banip.global.ban_feed="doh" uci commit banip /etc/init.d/banip restart Blocking WhatsApp Block WhatsApp using a custom list from HybridNetworks/whatsapp-cidr. # Block WhatsApp . /usr/share/libubox/jshn.sh json_init json_load_file /etc/banip/banip.custom.feeds 2> /dev/null json_add_object "whatsapp" json_add_string "descr" "WhatsApp CIDR" json_add_string "url_4" "https://raw.githubusercontent.com/\ HybridNetworks/whatsapp-cidr/main/WhatsApp/whatsapp_cidr_ipv4.txt" json_add_string "rule_4" "/^[^#]/{print \$1\",\"}" json_close_object json_dump > /etc/banip/banip.custom.feeds uci add_list banip.global.ban_feed="whatsapp" uci commit banip /etc/init.d/banip restart Blocking Facebook Block Facebook using a custom list from SecOps-Institute/FacebookIPLists. # Block Facebook . /usr/share/libubox/jshn.sh json_init json_load_file /etc/banip/banip.custom.feeds 2> /dev/null json_add_object "facebook" json_add_string "descr" "Facebook CIDR" json_add_string "url_4" "https://raw.githubusercontent.com/\ SecOps-Institute/FacebookIPLists/master/facebook_ipv4_cidr_blocks.lst" json_add_string "rule_4" "/^[^#]/{print \$1\",\"}" json_add_string "url_6" "https://raw.githubusercontent.com/\ SecOps-Institute/FacebookIPLists/master/facebook_ipv6_list.lst" json_add_string "rule_6" "/^[^#]/{print \$1\",\"}" json_close_object json_dump > /etc/banip/banip.custom.feeds uci add_list banip.global.ban_feed="facebook" uci commit banip /etc/init.d/banip restart Whitelisting networks Whitelist network interfaces. # Whitelist interfaces uci add_list banip.global.ban_vlanallow="br-lan" uci add_list banip.global.ban_vlanallow="br-dmz" uci commit banip /etc/init.d/banip restart Whitelisting clients Whitelist client MACs. # Whitelist MACs cat << EOF >> /etc/banip/banip.allowlist 11:22:33:44:55:66 aa:bb:cc:dd:ee:ff EOF /etc/init.d/banip restart This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.OKMore information about cookies Last modified: 2023/09/22 17:00by vgaetera