Hallo Adolf, Okay. I have merged this and as soon as the build is done I will push the new update out. What are we doing with the people who have already installed the update? -Michael > On 16 Mar 2024, at 09:32, Adolf Belka wrote: > > - My drop hostile patch set updated the WUI entries to include in and out logging options > but the values need to be added to the optionsfw entries for existing systems being > upgraded. > - After the existing CU184 update the LOGDROPHOSTILEIN and LOGDROPHO)STILEOUT entries > are not in the settings file which trewats them as being set to off, even though they > are enabled in the WUI update. > - This patch adds the LOGDROPHOSTILEIN and LOGDROPHOSTILEOUT entries into the settings > file and then runs the firewallctrl command to apply to the firewall. > - Ran a CU184 update on a CU183 vm system and then ran the comands added into the update.sh > script and then did a reboot. Entries include and DROP_HOSTILE entries start to be > logged again. > > Tested-by: Adolf Belka > Signed-off-by: Adolf Belka > --- > config/rootfiles/core/184/update.sh | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/config/rootfiles/core/184/update.sh b/config/rootfiles/core/184/update.sh > index aa593047d..1a0e67c66 100644 > --- a/config/rootfiles/core/184/update.sh > +++ b/config/rootfiles/core/184/update.sh > @@ -80,6 +80,12 @@ xz --check=crc32 --lzma2=dict=512KiB /lib/modules/6.6.15-ipfire/extra/wlan/8812a > # Apply local configuration to sshd_config > /usr/local/bin/sshctrl > > +# Add the drop hostile in and out logging options > +# into the optionsfw settings file and apply to firewall > +sed -i '$ a\LOGDROPHOSTILEIN=on' /var/ipfire/optionsfw/settings > +sed -i '$ a\LOGDROPHOSTILEOUT=on' /var/ipfire/optionsfw/settings > +/usr/local/bin/firewallctrl > + > # Start services > telinit u > /etc/init.d/vnstat start > -- > 2.44.0 >