* Banish-002 add-on for IPblocklist now include blocking on ASN
@ 2022-12-28 10:42 Rob Brewer
0 siblings, 0 replies; only message in thread
From: Rob Brewer @ 2022-12-28 10:42 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2894 bytes --]
This is my latest version of my Banish add-on for IPblockist which adds
the facility to block by ASN as well as IP Address, CIDR and FQDN.
Please let me have your comments if you find this useful.
https://people.ipfire.org/~helix/banish/Banish-002.tar.gz
******* Banish-002.tar.gz ********
2022-12-27
Requirements IPFire 2.27 (x86_64) - Core-Update 170 or later.
This version of Banish adds the facility to block on Autonomous System
Number
(ASN) as well as the earlier method of IP Address, CIDR or FQDN.
Banish-002 uses the location database to derive the ip address associated
with
an ASN and combines these addresses with the other entries in the Banish
blocklist in an ipset to generate a blocklist for ipblocklist
This version is compatible with Banish-001 but make sure you backup:
/var/ipfire/Banish/Banish_config
/var/ipfire/ipblocklist/sources
if upgrading from Banish-001
As extraction of ip addresses from the location database is slow they are
cached in
/var/ipfire/Banish/cache and the location database is checked hourly for
updates
and if changed the banish blocklist is updated with any new entries. This
usually occurs once per week.
The ASN of a network can be found from a whois command or by interrogating
the
location database from the command line with "location lookup ip-address".
The ASN can then be entered into 'Banished Resource' window (as ASxxxxx)
along with
any remark if required and will be entered into to the Banish blocklist
with the
'add button'. The entry will become active on the next IP-blocklist update
which
is run every 15 minutes.
Banish-002 will add the following new files to IPfire:
/srv/web/ipfire/cgi-bin/BanishGeo.cgi
/srv/web/ipfire/cgi-bin/logs.cgi/Banishlog.dat /srv/web/ipfire/html/
banish_list
/usr/local/bin/Banish_Sort.pl /var/ipfire/Banish/Banish_config
/var/ipfire/Banish/Banish-functions.pl /var/ipfire/Banish/Banish_settings
/var/ipfire/Banish/ip_Banishlist /var/ipfire/addon-lang/Banish.de.pl
/var/ipfire/addon-lang/Banish.en.pl /var/ipfire/addon-lang/Banish.es.pl
/var/ipfire/addon-lang/Banish.fr.pl /var/ipfire/addon-lang/Banish.it.pl
/var/ipfire/addon-lang/Banish.nl.pl /var/ipfire/addon-lang/Banish.pt.pl
/var/ipfire/menu.d/EX-Banishlog.menu /var/ipfire/menu.d/EX-banish.menu
These IPFire files are modified:
/srv/web/ipfire/cgi-bin/logs.cgi/log.dat
/var/ipfire/ipblocklist/sources
To install.. Download Banish-002.tar.gz to /tmp
Extract the tar file using "tar -xvf banish-xxx.tar.gz -C /"
Regenerate the language cache with "update-lang-cache"
Note 1: this is an addon for IP Address Blocklists and the Banish
blocklist
needs to be enabled in the IP Address Blocklists menu and the firewall
ruleset
reloaded with the "Apply Changes" button in the "Firewall Rules" menu.
Note 2: Banish entries are are updated every 15 minutes when IP-based
blocking
is updated.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-12-28 10:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-28 10:42 Banish-002 add-on for IPblocklist now include blocking on ASN Rob Brewer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox