r/AskNetsec • u/vzoltan • Jun 15 '24
Concepts Blocking malicious IPs via BanIP / OpenWRT router - good enough or are there better options?
I've been using the BanIP (https://github.com/openwrt/packages/blob/master/net/banip/files/README.md) module with a couple of regularly updated feeds for many years, and I was wondering whether this really makes any sense or whether there are better options.
My main goal is to strengthen my security posture while keeping things simple, not overcomplicated. Looking at some of those maintained feeds, they would surely block tens of thousands of IPs; however, it is not fully clear to me how effective such community-curated lists are.
While most of the rules block IPs in the inbound direction, some of them protect against outbound malicious traffic (spyware, NSFW, etc.).
I do not have the router's admin interface (neither HTTPS nor SSH) open on the WAN port, and I also don't have any DNAT rules allowing access to my home devices.
Given this context, is this a "good enough" approach from the security perspective, or are there other ways I should consider?
Thank you.
5
u/Rebootkid Jun 16 '24
I do this with EDLs on Palo firewalls. I'd be concerned with resource utilization on an OpenWRT-level device.