WindowsSpyBlocker icon indicating copy to clipboard operation
WindowsSpyBlocker copied to clipboard
verified publisher icon crazy-max

OpenWrt all-in-one package

Open ghost opened this issue 9 years ago • 3 comments

Hi there Current data for openwrt is split into win7; win8.1; win10 and then spy; update and extra. This is the same for all platforms, but doesn't make much sense for openwrt routers. Routers generally have multiple computers with different OS connected, so, we will probably need all rules for windows 7, 8.1 and 10, this can be a pain in the a to get/update all rules!

I think it would be wise to merge them all in one dnsmasq.conf file and in one firewall.user file. About the 'spy , update, extra', I would also vote to include them all. Would be necessary to make sure there aren't duplicates. You could add this as another method... like this /data/openwrt/all

Let me know what you think. Thanks.

UPDATE: A couple days ago I wrote a very 'simple script' that can run directly on Openwrt routers, it downloads, merges all in one firewall.user/dnsmasq.conf and even apply the rules by restarting firewall and dnsmasq. It uses curl to download, cat for merging all together, sed for cleaning comments and empty lines, sed again for deleting old rules from files (eg. it deletes all entries below #winspy, so all entries above are preserved) and cat again to add (append) them to the actual /etc/firewall.user or dnsmasq.conf file without deleting any comments or custom entries in those files, the "#winspy" works as a flag, everything below will be deleted.

ghost avatar Jan 11 '17 21:01 ghost

All those entries in /etc/firewall.user are killing speed. you need high-end expensive dual core router.

elgab avatar Jan 15 '17 22:01 elgab

I don't see it really. I use a TP Link WR1043ND v2.1, with all these rules, it runs a small LAN of +-8 devices never notice any slow down, maybe theoretical speed is reduced, but in practice it will never reach that point... example, just look at samba, it will be limited by server (disk) speed

It's abused, system runs on extroot 500GB HD, streams linux stb tv, runs samba server, apache2 web server locally, TOR proxy, Transmission, SSH tunneling... The only thing that really put some load on cpu is Transmission or/and TOR when they get past 1.5MBs. But again practical WAN speed is limited and averages only 500KBs during day, also TOR, so cpu load use will be about 0.3 or less.. It runs like this about 2 years now.

ghost avatar Jan 15 '17 23:01 ghost

Last time I tested firewall.user was with the legendary cheap TL-WR740N. The device was running OK full 100Mbit line, but placing all the firewall rules produced a massive speed drop.

The problem with Microsoft is the insane amount of IP subnets dedicated for spying, you cannot group them all in a /16 to get away with a couple of firewall lines.

17.0.0.0/8 used by 🍎 this one line will work great on that router.

elgab avatar Jan 16 '17 02:01 elgab