The Ads and Malicious categories under Services > Web Filter > Basic Settings get handled completed differently to the remainder of the categories. These first two have a bunch of different rules and download URLs, whereas the others are all unpacked from
http://www.shallalist.de/Downloads/shallalist.tar.gz
Presumably then, the Spyware rules from shallalist probably overlap a lot of the Malicious ones - has anyone done any sort of analysis to confirm?
I've had some problems with snort blocking all traffic once I enable Spyware blocking, so I'm wondering if I'm seeing duplicates or hitting some rule limits..
OpenWrt SNAPSHOT, r10391-3d8d528939