Support » Plugin: IP Geo Block » Suggestion – Custom IP block lists

  • Resolved JWebber74

    (@jwebber74)


    I would like to see the ability to add custom IP blocklists. Something where I can input a URL, and the plugin would check if there is a new list , download it and apply it to the current IP block list being used.

    Taking it an optional step further; to account for different managed IP block list formats the user could select the proper format of the IP block list it is retrieving. The plugin then should take this into account and convert it to what ever format is needed for the plugin.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @jwebber74,

    Thank you for your suggestions. I’d like to understand what you really intend.

    Something where I can input a URL, and the plugin would check if there is a new list , download it and apply it to the current IP block list being used.

    Do you mean you want to search a domain name to get some informations including IP addresses?

    Currently, you can get geolocation and whois info for any IP addresses on “Search” tab.

    Implementing your suggestion itself is not so difficult. But what is your typical usecase for this plugin? I can easily imagine the following usecase:

    1. When you find a malicious IP address in the “Logs” of this plugin,
    2. You want to put not only the single IP address but also a range of IP into the blacklist, then you can click the link on IP to get whois information on “Search” tab.
    3. Then you can get a renage of IP with CIDR notation which you can copy and paste into the blacklist.

    Whois info on search tab

    I can agree that I should provide some shortcut for No.3 to set the blacklist. But in this usecase, there’s no need to handle domain names. If you want to do that, you can visit the external whois services.

    And related to your optional suggestion, you’d set a range of IP address something like this: “From: 127.0.0.1, To: 127.0.0.100” instead of “127.0.0.0/25” to minimize the effect of blocking. Am I right?

    I think it doesn’t make sense because the number of usable hosts can be obtain with subnet mask (i.e. CIDR). If a host or visitor’s IP address is allocated dynamically, then we should cover the possibility of all the range that is allocated to the domain.

    Or should I provide a range calculator of IP address something like this: https://www.iplocation.net/subnet-calculator

    How is your idea?

    If I can agree your intention, I’ll adopt your suggestion.

    I appreciate any of your opinions.
    Thanks.

    Thread Starter JWebber74

    (@jwebber74)

    Let me explain this better.

    I would like for the plugin to be able to use IP block lists from websites such as:
    https://www.iblocklist.com/lists.php

    The plugin should be able to download the IP blocklists and use these to block those IPs.

    The plugin should be able to check every so often to see if the IP block list has changed. If it has it should download the new IP blocklist.

    What I meant about “taking a step further”, I meant that there are websites which host IP blocklists that are in different formats. I would like the plugin to be able to handle multiple formats.

    By formats they could be in CIDR format or IP range formats: (200.100.88.0 – 200.100.88.254) etc.

    • This reply was modified 4 years, 6 months ago by JWebber74.
    • This reply was modified 4 years, 6 months ago by JWebber74.
    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @jwebber74,

    OK, I got your point. I think “2.2.0 Release Note” can help you to extend the functionality of this plugin.

    In regards to the format of IP blacklist, I’d like to keep CIDR internally because it’s quite simple and well supported by PHP.

    On the other hand, I think validating a lot of IP addresses with whatever format is not recommended in this plugin because of the performance point of view.

    Originally PeerGuardian seems to work at kernel level. Or using iptables which works at lower level is an another good way.

    Basically, “Blacklist of extra IP addresses prior to country code” is subsidiary function in this plugin. So I hope your generous understanding.

    Once I close this topic, but it’s my pleasure to keep discussion about this topic in this thread.

    Thanks.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi, here is an another sample: http://www.ipgeoblock.com/codex/ip-geo-block-extra-ips.html

    All my samples should be improved to use “If-Modified-Since” http header to avoid unnecessary update.

    Thread Starter JWebber74

    (@jwebber74)

    Currently there is no way to have the plugin fetch a new IP list and check for changes or updates.

    For example, I would like the plugin to use this IP blocklists: https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset It is in the compatible CIDR format, but no way to have the plugin automatically check to see if the lists is updated and if so it should download the list and apply the new IP addresses from the list.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Currently there is no way to have the plugin fetch a new IP list and check for changes or updates.

    Actually, this plugin has some ways to extend for your demand. You can do it by yourself by following samples I showed previously.

    But I have no plan to support it officially because I prefer to keep this plugin as simple as possible but still enough extendable.

    I don’t know your programming skill, but I think there’s a way to check the list is updated or not by cron job using “If-Modified-Since” http header with HEAD method.

    And again, it’s not good idea to validate over ten thousand and more of IPs by PHP. It’s not practical from the performance point of view.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Suggestion – Custom IP block lists’ is closed to new replies.