From: Rob Brewer
To: development@lists.ipfire.org
Subject: Re: GeoIP Blocked IPs not being logged
Date: Wed, 06 Feb 2019 21:48:35 +0000
In-Reply-To: <2963A1FF-496E-44EE-9F79-B4CBAFE799F2@ipfire.org>

Hi Michael

Michael Tremer wrote:

> Hello Rob,
>
> Thank you for submitting this patch.
>
> There are several issues with this patch:
>
> * It has been line-wrapped and therefore does not apply
>

Apologies I'll try again without wrapping:

--- build/usr/lib/firewall/rules.pl.orig 2019-02-04 20:59:34.677143496= +0000 +++ build/usr/lib/firewall/rules.pl 2019-02-04 21:01:59.445137411 +0000 @@ -609,6 +609,8 @@ # is enabled. foreach my $location (@locations) { if(exists $geoipsettings{$location} && $geoipsettings{$locati= on} eq "on") { + # add logging for geoip rwb 4/2/19 + run("$IPTABLES -A GEOIPBLOCK -m geoip --src-cc $loca= tion -j LOG --log-prefix 'GEOIPBLOCK-$location '"); run("$IPTABLES -A GEOIPBLOCK -m geoip --src-cc $locat= ion -j DROP"); } }

> * It is actually intended behaviour of the GeoIP filter to not log those.
> Many systems are flooded with log messages and this filter is supposed to
> skim some things out entirely.
>

I understand your thinking but it does mess up reporting the logs as I do to Dshield.

> However, I do not think that this is a bad idea, but it should be
> configurable on the firewall options page.
>

Yes I was thinking that this could be easily select-able with an if statement around the LOG line if required.

Rob
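Review bot: the added `-j LOG` rule inside the `foreach my $location (@locations)` loop is appended unconditionally and without a rate limit, so every packet from every blocked country code writes a log line before it reaches the `-j DROP` rule. That reintroduces the log flooding the GeoIP filter is meant to avoid, and on a busy link the logging itself becomes a load and disk-space concern. Suggest wrapping the new `run(...)` call in an `if` on a setting exposed on the firewall options page, defaulting to off, and adding the iptables limit match (`-m limit --limit <rate>`) to the LOG rule so a burst from one country cannot fill the log. The prefix `'GEOIPBLOCK-$location '` fits within the LOG target's prefix length limit for two-letter codes, so that part is fine. The inline comment `# add logging for geoip rwb 4/2/19` carries initials and a date that belong in the commit message; in the code, a comment saying why the rule is logged would be more useful.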