From mboxrd@z Thu Jan  1 00:00:00 1970
From: Rob Brewer <ipfire-devel@grantura.co.uk>
To: development@lists.ipfire.org
Subject: GeoIP Blocked IPs not being logged
Date: Mon, 04 Feb 2019 21:08:21 +0000
Message-ID: <q3a9k5$ugk$1@tuscan3.grantura.co.uk>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0072033218026094936=="
List-Id: <development.lists.ipfire.org>

--===============0072033218026094936==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

Hi

After adding a few country codes with the GeoIP Configuration page, Geo 
blocked IPs no longer appear in the Firewall Logs.

This might be the intended operation but for me I would like to log these 
blocked IPs and have added a logging rule to /usr/lib/firewall/rules.pl

This is my patch for rules.pl which I have tested on my live IPFire and is 
working OK.

diff -u build/usr/lib/firewall/rules.pl.orig build/usr/lib/firewall/rules.pl
--- build/usr/lib/firewall/rules.pl.orig        2019-02-04 
20:59:34.677143496 +0000
+++ build/usr/lib/firewall/rules.pl     2019-02-04 21:01:59.445137411 +0000
@@ -609,6 +609,8 @@
        # is enabled.
        foreach my $location (@locations) {
                if(exists $geoipsettings{$location} && 
$geoipsettings{$location} eq "on") {
+      # add logging for geoip rwb 4/2/19
+                        run("$IPTABLES -A GEOIPBLOCK -m geoip --src-cc 
$location -j LOG --log-prefix 'GEOIPBLOCK-$location '");
                        run("$IPTABLES -A GEOIPBLOCK -m geoip --src-cc 
$location -j DROP");
                }
        }


Regards

Rob



--===============0072033218026094936==--