Banish adds a new menu item to the ipblocklist page from which you can enable/disable your personal blocklist generated by the Banish configuration page in the IPFire menu.
In the Banish configuration page you can block on Autonomous System Number (ASN), IP Address, CIDR or FQDN. Just add your new rule such as xxx.xxx.xxx.xxx, xxx.xxx.xxx.0/24, xxx.xxx.xxx.0-xxx.xxx.xxx.255 or ASxxxxx to the ‘Banish Resource’ input box and a remark if required (I find it useful to add a short note such as “Port Scanner - 3/4/22”) and check ‘enabled’ and click on ‘add’. This will then be added to the ‘Current Rules’ list below.
Resources added to the ‘Current Rules’ list can be enabled, edited or removed by the 3 tick boxes on the end of the line.
The entry will become active on the next IP-blocklist update which is run every 15 minutes but make sure you have enabled BANISH in the IPblocklist menu and clicked the ‘Save’ button and ‘Apply Changes’ in the ‘Firewall Rules’ menu first. Once BANISH is enabled in the IPBlocklist menu new entries can be added or removed in the Banish menu.
Banish generates an ipset from the ‘Current Rules’ entered into the Banish menu and is picked up as additional blocklist by the IPBlocklist feature.
The ipsets associated with AS numbers change fro time to time and will be updated when the location database is updated wihich happens bout once per week.
I have been using this version of Banish now for over 12 months without any problems.
Rob