search

WaterByWind / edgeos-bl-mgmt

Automated updating of EdgeOS firewall network-group to be used as source address blacklist
MIT License
196 stars 40 forks source link

Can't confirm rulesets are applied #9

Closed krisclarkdev closed 3 years ago

krisclarkdev commented 6 years ago

Can you provide steps to confirm that the new rulesets have been applied?

EdgeRouter PoE v1.9.7+hotfix.3

WaterByWind commented 5 years ago

I'm not sure exactly to which part this is referring. You would create the needed firewall rules yourself via EdgeOS configuration so checking that configuration will confirm the rules are in place.

To verify if the actual lists are being populated you would use 'ipset' via CLI on the router: sudo ipset -L Nets4-BlackList | wc -l and sudo ipset -L Nets6-BlackList | wc -l for the IPv4 and IPv6 lists, respectively. That will show the count of entries in each list, +7. You can view the actual contents by omiting the | wc -l but the lists are typically very long.

t56k commented 4 years ago

Do they ever appear in the GUI? sudo ipset... returns the count, but the GUI says 0.

WaterByWind commented 4 years ago

No the count of members will never show in the GUI as it is not aware of the actual ipset contents. The GUI is based on the edgeos configuration.