Create install script for iptables/sh? #13
Comments
|
adblock for openwrt/LEDE is dnmasq based only. ip based blocking does not work for major sites which are sharing the same ip for different domains, i.e. |
|
I've put together all existing win7, 8.1, 10 firewall rules and ended up with 213 iptables rules. |
|
Maybe also you can gather some of the rules - I saw there are several Le 08/06/2016 à 06:16, elgab a écrit :
|
|
Yes, i will try to figure out some patterns in the IP list |
|
For some ip addresses i have to manage geoloc because Microsoft uses CDNs so some IPs are RIPE NCC specific. On the next release i will try to figure this out. |
|
Hello.
We can get IP addresses via wget or curl from github (some formatting must be made though).
After that, reload the firewall via |
|
Meant to reply earlier. We had a storm come through and I've spent the
|
|
May I ask the purpose of blocking Windows OS specific spying on Linux workstations? Beyond the pentesting benefits, that is. |
|
@existential-fallacy this post is specifically for users with Windows OS and capable router firmware that can block all those spy IP's before they even reach the Windows workstation. If you using Linux as your main OS there is no benefits of blocking the IP's,but there are still benefits of using the hosts format just for extra protection when browsing some of the Microsoft's websites. |
|
@dnmTX , I fully agree regarding what you state regarding:
Thank-you. |
|
Okay I don’t get it. Why are there no benefits if you are using Linux to blocking IPs? I have a router that I use to block certain IPs such as double click. I have iPhones, PCs with windows and PCs with Linux going through this router. Am I just deluding myself?
Content reviewed, logged and transmitted via NSA servers
… On Mar 25, 2019, at 08:10, Existential Fallacy ***@***.***> wrote:
@dnmTX , I fully agree regarding what you state regarding:
If you using Linux as your main OS there is no benefits of blocking the IP's,but there are still benefits of using the hosts format just for extra protection when browsing some of the Microsoft's websites.
Thank-you.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
The benefits can be powerful, though it can become resource intensive. Doubleclick is certainly needed to be blocked. Though using iptables _directly in a Linux workstation / desktop / laptop OS is not of use if one is using the full telemetry lists that @crazy-max provides since, e.g., a Debian install won’t be ‘phoning home’ to Microsoft as a Windows 10 install would. |
|
What are you guys talking about (for the layperson)? Does this still #1: Have to do with the WPD software of the PC & Phone communicating better with each other & #2: If so, why would they want to Block Windows Updates in Settings especially nowadays when you have a bunch of Day Zero Google Chrome Attacks & Windows Updates averages at least 1 a day of add-ons to Windows Defender now known as Security? That sounds dangerous! |
Hi Crazy-M
A big thank for your time and effort on this project. On routers using the openwrt os, man are already using your host list via the adblock project ( https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md ), enabling to block things at the network level for all win10 plugged in.
To do the same for static IP and so for you firewall list, would it be possible that you create a sh script to set up iptables rules using your static IP files? That'd be great!
Regards
WB
The text was updated successfully, but these errors were encountered: