## Installation and Usage
* Update your local opkg/apk repository
* Install the LuCI companion package 'luci-app-banip' which also installs the main 'banip' package as a dependency
+* Enable the banIP system service (System -> Startup) and enable banIP itself (banIP -> General Settings)
* It's strongly recommended to use the LuCI frontend to easily configure all aspects of banIP, the application is located in LuCI under the 'Services' menu
* It's also recommended to configure a 'Reload Trigger Interface' to depend on your WAN ifup events during boot or restart of your router
* To be able to use banIP in a meaningful way, you must activate the service and possibly also activate a few blocklist feeds
* If you're using a complex network setup, e.g. special tunnel interfaces, than untick the 'Auto Detection' option under the 'General Settings' tab and set the required options manually
-* Start the service with '/etc/init.d/banip start' and check everything is working by running '/etc/init.d/banip status' and also check the 'Firewall Log' and 'Processing Log' tabs
+* Start the service with '/etc/init.d/banip start' and check everything is working by running '/etc/init.d/banip status', also check the 'Processing Log' tab
<a id="banip-cli-interface"></a>
## banIP CLI interface
```
**Set reporting, enable the GeoIP Map**
+banIP includes a powerful reporting tool on the Set Reporting tab which shows the latest NFT banIP Set statistics. To get the latest statistics always press the "Refresh" button.
In addition to a tabular overview banIP reporting includes a GeoIP map in a modal popup window/iframe that shows the geolocation of your own uplink addresses (in green) and the locations of potential attackers (in red). To enable the GeoIP Map set the following options (in "Feed/Set Settings" config tab):
* set 'ban_nftcount' to '1' to enable the nft counter for every Set element
if [ "${etag_rc}" = "0" ] || [ "${ban_action}" != "reload" ] || [ "${feed_url}" = "local" ]; then
if [ "${feed%%.*}" = "allowlist" ] && [ ! -f "${tmp_allow}" ]; then
f_restore "allowlist" "-" "${tmp_allow}" "${etag_rc}"
+ restore_rc="${?}"
else
f_restore "${feed}" "${feed_url}" "${tmp_load}" "${etag_rc}"
+ restore_rc="${?}"
fi
- restore_rc="${?}"
feed_rc="${restore_rc}"
fi
fi
json_get_keys table_sets >/dev/null 2>&1
if [ -n "${table_sets}" ]; then
for item in ${table_sets}; do
+ [ "${item%%_*}" = "allowlist" ] && continue
json_select "${item}"
json_get_keys set_details
for detail in ${set_details}; do
projects / feed / packages.git / commitdiff