Privacy Filter (Another IPSET Script)

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

swetoast

Guest
well that wasn't helpful, please perform the commands given above and post all in this thread...
 

swetoast

Guest
new test version

https://gitlab.com/swe_toast/privacy-filter/raw/master/WIP/privacy-filter

Revision 23
  • Restructuring script
  • MSBlock included (USE AT OWN RISK)
NOTE: MSBlock is a new features which blocks Microsofts IP ranges (https://www.microsoft.com/en-us/download/details.aspx?id=53602)

So this might break apps and updates so only use if you really know what your doing dont block and comeback and ask me whats wrong... However MSBlock is disabled per default so in order to use it you have to change disabled to enabled for it to work and the rule is named privacy-filter_ipv4_range incase you need to flush it with that said, enjoy the new test version added a contributing guide to this project also

https://gitlab.com/swe_toast/privacy-filter/blob/master/CONTRIBUTING.md
 
Last edited:

mrchow

Occasional Visitor
well that wasn't helpful, please perform the commands given above and post all in this thread...
here's the output:
Code:
[email protected]:/tmp/home/root# nslookup skysports.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      skysports.com
Address 1: 90.216.129.62
[email protected]:/tmp/home/root# ipset -L privacy-filter_ipv4 | grep 90.216.12
9.62
[email protected]:/tmp/home/root# ping 90.216.129.62
PING 90.216.129.62 (90.216.129.62): 56 data bytes

--- 90.216.129.62 ping statistics ---
15 packets transmitted, 0 packets received, 100% packet loss
 

swetoast

Guest
here's the output:
[email protected]:/tmp/home/root# ipset -L privacy-filter_ipv4 | grep 90.216.12
9.62
@mrchow did the forum break the line or did u check something else ?

Code:
ipset del privacy-filter_ipv4 90.216.129.62
to delete a single ip from a ipset not sure how it got in there but i recommend downloading a new default list

Code:
rm /jffs/privacy-filter.list
and as for pinging skysports well that wont work cause they turned off ping respons



working just fine for me and im using latest rev.
 
Last edited:

swetoast

Guest
Revision 23 is live

https://gitlab.com/swe_toast/privacy-filter/raw/master/privacy-filter
NOTE: MSBlock is a new features which blocks Microsofts IP ranges (https://www.microsoft.com/en-us/download/details.aspx?id=53602)

So this might break apps and updates so only use if you really know what your doing dont block and comeback and ask me whats wrong... However MSBlock is disabled per default so in order to use it you have to change disabled to enabled for it to work and the rule is named privacy-filter_ipv4_range incase you need to flush it with that said, enjoy the new test version added a contributing guide to this project also
 

swetoast

Guest
added how to find offending sources on OP so you can help yourself before i can make changes makes it easier for both you and me.
 

Martineau

Part of the Furniture

swetoast

Guest
yeah kinda but a minor, mind updating the description on the wiki instead ?
 
Last edited:

Xentrk

Part of the Furniture
Revision 23 is live

https://gitlab.com/swe_toast/privacy-filter/raw/master/privacy-filter
NOTE: MSBlock is a new features which blocks Microsofts IP ranges (https://www.microsoft.com/en-us/download/details.aspx?id=53602)

So this might break apps and updates so only use if you really know what your doing dont block and comeback and ask me whats wrong... However MSBlock is disabled per default so in order to use it you have to change disabled to enabled for it to work and the rule is named privacy-filter_ipv4_range incase you need to flush it with that said, enjoy the new test version added a contributing guide to this project also
I have a hard time keeping up with all of the updates. :) Good Job @swetoast. I updated 3 AC88U and one dd-wrt two days ago. I only had time to bounce one router and verified it worked. I will need to test the MSBlock feature during off hours though. Hope to do this in the next few days.

I have a question on the privacy-filter.list contents. Anyone can chime in on this one. As previously mentioned, I incorporated the list on my pfSense appliance using the pfBlockerNG package. I shared the privacy-filter.list on the pfsense forum (and gave links to this forum and the wiki). A forum member replied and said the list will prevent Microsoft updates from working. I have a Windows 10 laptop and checked my update history. All of my updates have been successful the past three months. So, no issues on my end. I said I would follow-up to see if anyone here had issues. I suspect not as I'm sure someone would have reported it by now and I've seen zero reports of issues on this thread.

Has anyone had time to test the MSBlock feature to make sure there is no impact with Microsoft updates from occurring?
 

swetoast

Guest
MSBlock impacts updates, thats why i got the huge warning labels on it :) and the reason why ive been updating to fast is that im gonna take a break for awhile from scripting a week or two since i need to focus on my other hobbies (music producer) the privacy-filer.list does not block updates.
 

Xentrk

Part of the Furniture
MSBlock impacts updates, thats why i got the huge warning labels on it :) and the reason why ive been updating to fast is that im gonna take a break for awhile from scripting a week or two since i need to focus on my other hobbies (music producer) the privacy-filer.list does not block updates.
Thanks for the reply. I may not end up testing or enabling the MSBlock feature since it blocks Windows updates. Thanks for confirming that as well as privacy-filter.list. You have been very active helping all of us on the forum. I am very grateful for your contributions. Enjoy your break!
 

swetoast

Guest
well you can test it but remember to set it back to disabled and reboot if it blocks too much
 

Xentrk

Part of the Furniture
well you can test it but remember to set it back to disabled and reboot if it blocks too much
Good point. I will test it out on my end just to help out with feedback. And be prepared to set it back if it blocks too much.

On a separate note, at the school I support, I had to comment out telemetry.appex.bing.net from privacy-filter.list after I first installed privacy-filter in order for Bing search engine to work as some of the teachers and students use Bing.
 

swetoast

Guest
for all users running iblocklist-loader.sh will be ineligible for support since redhat has incorporated telemetry block along with shodan.io block this makes privacy-filter incompatible so either run his script or my script dont run both.

will add incompatible script to debugtool
 
Last edited:

skeal

Part of the Furniture
Rev 24 is live.
Changelog:
  • more fixes to syntax
  • fixes to msblock
  • incompatibility checks
  • fixes on exit codes
https://gitlab.com/swe_toast/privacy-filter/raw/master/privacy-filter
I'm sorry but I uninstalled this script. Everytime it ran it gave me the same results. Definitely not a dynamic accumulated list. I was only protected from 72 unique ip addresses. This seems a little odd in a world of billions of IPs and millions of privacy attacks each day. Also the script was cpu intensive and slow to start. Sorry sir just made no sense to me. Keep up keeping on!
 

swetoast

Guest
got more things coming for it, so perhaps you will give it a chance in the future there are more and more users joining up each day in anycase glad you tried it out and you welcomed back in the future.

and with 100 dns address it will get about 115 if no other scrips are interfering and that your not running everything at the same time at boot or at update.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top