IP Address Blocklist - ideas for new features

db5589 · 19 September 2022 09:19

Dear IPFire developers,

thank you first for the new feature “IP Address Blocklist”! This es a great step!

I would like to address a few improvements that would further enhance functionality.

Seperate in / out dropping option
Currently it is only possible to turn on blocking for in and out together and not only for one direction.

E.g. I have enabled tor Plugin. Enabling the Blocklist Tor makes it not anymore possible to connect to tor, also not with Tor Browser. Enabling outgoing tor connections but disabling incoming data from tor network would be great.

Custom Lists
Allow adding custom block lists.
ASN Block
I currently use maloes ASN blocking script maloe/ASN_IPFire_Script: IPFire network object creator for IPv4 addresses based on ASN information - NotABug.org: Free code hosting
It would be great to integrate this script in the new Blocklist feature. Maybe other users with less technical kowledge could also use this great feature.

steven · 19 September 2022 11:07

If you want to communicate with Tor, you obviously have incoming Tor connections as well. That would make it all pointless.

pako · 24 September 2022 11:38

Regarding 2. Custom Lists.
I think that’s a good idea.
I manually added now following entry to the sources file (/var/ipfire/ipblocklist/sources):

'WINDOWS_SPY_BLOCKER'    => { 'name' => 'Crazy-Max WindowsSpyBlocker',
								'url'      => 'https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/firewall/spy.txt',
								'info'     => 'https://crazymax.dev/WindowsSpyBlocker/blocking-rules/firewall/',
								'parser'   => 'ip-or-net-list',
								'rate'     => '1d',
								'category' => 'application' }

→ it is possible to add manual entries, it might be a good idea to have a UI for that.