[PATCH 1/3] sources: Remove ABUSECH_BOTNETC2 from ipblocklist sources

[PATCH 1/3] sources: Remove ABUSECH_BOTNETC2 from ipblocklist sources

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 1394 bytes --]

- Abuse.ch deprecated the ABUSECH_BOTNETC2 list on 3rd Jan 2025 without any warning or
   notification except for the deprecation message in the block list.
- This patch removes that list from the ipblocklist sources.
- This is part of a patch set that also removes this list from the files in users
   systems and from any restore from an earlier backup when the updates sources list is
   issued.

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/ipblocklist/sources | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources
index 158c8bc20..a25353528 100644
--- a/config/ipblocklist/sources
+++ b/config/ipblocklist/sources
@@ -128,11 +128,5 @@ our %sources = ( 'EMERGING_FWRULE' => { 'name'     => 'Emerging Threats Blocklis
 					 'info'     => 'https://blacklist.3coresec.net',
 					 'parser'   => 'ip-or-net-list',
 					 'rate'     => '1d',
-					 'category' => 'attacker' },
-	      'ABUSECH_BOTNETC2'  => { 'name'	=> 'ABUSE.ch Botnet C2 IP Blocklist',
-					   'url'	=> 'https://sslbl.abuse.ch/blacklist/sslipblacklist.txt',
-					   'info'	=> 'https://sslbl.abuse.ch/blacklist#botnet-c2-ips-csv',
-					   'parser'	=> 'ip-or-net-list',
-					   'rate'	=> '5m',
-					   'category'	=> 'reputation' }
+					 'category' => 'attacker' }
            );
-- 
2.48.1

[PATCH 2/3] backup.pl: Remove ABUSECH_BOTNETC2 lists from backup during restore.

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 1500 bytes --]

- This removes ABUSECH_BOTNETC2 from any backup during a restore in the same way as done
   previously with ALIENVAULT and SPAMHAUS_EDROP.

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/backup/backup.pl | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index 4f4273d26..1c8c87d0a 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -252,16 +252,20 @@ restore_backup() {
 			-out /etc/httpd/server.crt &>/dev/null
 	fi
 
-	# Remove any entry for ALIENVAULT or SPAMHAUS_EDROP from the ipblocklist modified file
+	# Remove any entry for ALIENVAULT, SPAMHAUS_EDROP or ABUSECH_BOTNETC2 from the ipblocklist modified file
 	# and the associated ipblocklist files from the /var/lib/ipblocklist directory
 	sed -i '/ALIENVAULT=/d' /var/ipfire/ipblocklist/modified
 	sed -i '/SPAMHAUS_EDROP=/d' /var/ipfire/ipblocklist/modified
+	sed -i '/ABUSECH_BOTNETC2=/d' /var/ipfire/ipblocklist/modified
 	if [ -e /var/lib/ipblocklist/ALIENVAULT.conf ]; then
 		rm /var/lib/ipblocklist/ALIENVAULT.conf
 	fi
 	if [ -e /var/lib/ipblocklist/SPAMHAUS_EDROP.conf ]; then
 		rm /var/lib/ipblocklist/SPAMHAUS_EDROP.conf
 	fi
+	if [ -e /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf ]; then
+		rm /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf
+	fi
 
 	# The collectd directory structure was changed but not all changes
 	# are done by the official migration script generator
-- 
2.48.1

[PATCH 3/3] update.sh: Remove ABUSECH_BOTNETC2 lists from users systems during update.

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 1918 bytes --]

- This removes ABUSECH_BOTNETC2 from users system during the update in the same way as
   done previously with ALIENVAULT and SPAMHAUS_EDROP.
- As next is still in CU192 I could not add these lines into the CU193 update.sh so I have
   added it to the CU192 update.sh
- If not appropriate then let me know and when the CU193 is created in next I will redo
   the patch and re-submit it.

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/rootfiles/core/192/update.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/config/rootfiles/core/192/update.sh b/config/rootfiles/core/192/update.sh
index f81857053..d528a190f 100644
--- a/config/rootfiles/core/192/update.sh
+++ b/config/rootfiles/core/192/update.sh
@@ -17,7 +17,7 @@
 # along with IPFire; if not, write to the Free Software                    #
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
 #                                                                          #
-# Copyright (C) 2024 IPFire-Team <info(a)ipfire.org>.                        #
+# Copyright (C) 2025 IPFire-Team <info(a)ipfire.org>.                        #
 #                                                                          #
 ############################################################################
 #
@@ -159,6 +159,13 @@ rm -rvf \
 	/var/log/rrd/collectd/localhost/processes* \
 	/var/log/rrd/collectd/localhost/thermal-cooling_device*
 
+# Remove any entry for ABUSECH_BOTNETC2 from the ipblocklist modified file
+# and the associated ipblocklist files from the /var/lib/ipblocklist directory
+sed -i '/ABUSECH_BOTNETC2=/d' /var/ipfire/ipblocklist/modified
+if [ -e /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf ]; then
+	rm /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf
+fi
+
 # Apply local configuration to sshd_config
 /usr/local/bin/sshctrl
 
-- 
2.48.1