Long URL-based ban list protection

josen
Posts: 3
Joined: Fri Aug 18, 2017 9:53 am

Long URL-based ban list protection

Post by josen » Sat Aug 26, 2017 1:49 pm

Hello,

Murus has an issue with a very long URL-based ban list. The murus.updatedthreats.sh script will fail because of "too many arguments".

With a small dirty workaround it is working - change the following line in /etc/murus.updatethreats.sh to:

Code:

#
# Replace old PF table with new one
#

/sbin/pfctl -t _threats -T replace `cat $badIPs`

Code:

#
# Replace old PF table with new one
#

/sbin/pfctl -t _threats -T flush
cat $badIPs | xargs -n 1 /sbin/pfctl -t _threats -T add
#/sbin/pfctl -t _threats -T replace `cat $badIPs`

Enjoy the weekend,
jvc

hany
Posts: 480
Joined: Wed Dec 10, 2014 5:20 pm

Re: Long URL-based ban list protection

Post by hany » Tue Aug 29, 2017 12:34 pm

Thanks a lot! :)
We will include this fix in Murus 1.4.12.

josen
Posts: 3
Joined: Fri Aug 18, 2017 9:53 am

Re: Long URL-based ban list protection

Post by josen » Tue Aug 29, 2017 5:22 pm

thx.

It is not the best solution, as each IP will be inserted separately, which means it takes a "long" time.
The best would be to tell pf to read from a file, or maybe you have a better idea.

jvc

hany
Posts: 480
Joined: Wed Dec 10, 2014 5:20 pm

Re: Long URL-based ban list protection

Post by hany » Tue Aug 29, 2017 11:49 pm

Yes, I just realised that a long list will take a long time.
I don't have a better idea yet.

josen
Posts: 3
Joined: Fri Aug 18, 2017 9:53 am

Re: Long URL-based ban list protection

Post by josen » Wed Aug 30, 2017 6:14 pm

Me again:

A better solution:

Code:

/sbin/pfctl -t _threats -T replace -f $badIPs

Enjoy,
jvc
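
As an added example that is not part of the thread or of Murus's own script: because the ban list is downloaded from a URL, the script below drops malformed lines and over-broad prefixes before passing a file to the `pfctl -T replace -f` form from the last post. `MIN_PREFIX`, the function names and the IPv4-only filter are assumptions, and the sample entries are constructed.

```sh
#!/bin/sh
# Added example, not Murus code. Table name is from the thread;
# MIN_PREFIX is an assumed policy, function names are hypothetical.
THREATS_TABLE="_threats"
MIN_PREFIX=8

# Print the well-formed IPv4 addresses/CIDR blocks found in file $1.
# Drops CRs, comments, blank lines, bad octets and prefixes shorter than
# MIN_PREFIX (a single "0.0.0.0/0" line would otherwise block everything).
sanitize_ban_list() {
    tr -d '\r' < "$1" | awk -v minp="$MIN_PREFIX" '
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        $0 == "" { next }
        {
            n = split($0, part, "/")
            if (n > 2 || part[1] !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            split(part[1], oct, ".")
            for (i = 1; i <= 4; i++)
                if (length(oct[i]) > 3 || oct[i] + 0 > 255) next
            if (n == 2 && (part[2] !~ /^[0-9]+$/ || part[2] + 0 > 32 || part[2] + 0 < minp)) next
            print
        }'
}

# Replace the table from a sanitized temp file in a single pfctl call.
# If no valid entry survives, the current table is left untouched.
load_threats() {
    clean=$(mktemp) || return 1
    sanitize_ban_list "$1" > "$clean"
    if [ -s "$clean" ]; then
        /sbin/pfctl -t "$THREATS_TABLE" -T replace -f "$clean"
        rc=$?
    else
        echo "no valid entries in $1; table left unchanged" >&2
        rc=1
    fi
    rm -f "$clean"
    return $rc
}

# Constructed sample list (documentation ranges), not real threat data.
write_sample_list() {
    printf '%s\n' '# constructed sample' '192.0.2.10' '198.51.100.0/24' \
        '203.0.113.7  # trailing comment' '0.0.0.0/0' '999.1.1.1' \
        'not-an-ip' '' > "$1"
    printf '192.0.2.99\r\n' >> "$1"
}
```

In the update script, `load_threats "$badIPs"` would take the place of the `replace` line; it needs the same privileges as the original pfctl call.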
