Hi Michael
Michael Tremer wrote:
Hello Rob,
Thank you for your interest in working on this.
Yes, I always thought that there was great interest in moving this over the line. However, I could not find where we left off here.
There were a couple of outstanding issues that had to be resolved. I just couldn’t find my last emails. Are you aware of these?
I'm pleased to say I have had an email from Tim and is supportive of my attempts to progress ipblacklist into IPFire. Tim however says "Between COVID, my taking on additional responsibilities and the code not being part of ipfire, it's currently got a very low priority for me."
Tim pointed me to his git pages where I was able to find most of the code that I thought was missing from patchwork and is all now installed on my firewall and is working extremely well.
You may be interested in one of the modification I have made to ipblacklist, is to add an additional local blacklist to the sources file to get a blocklist from a web server on my local network. This is populated by a script which greps the mail server logs for SMTP Auth attacks and has been particularly useful in protecting the mail server from a recent botnet attack where the offending ip addresses have been recycled every one to three weeks. Currently the blocklist contains about 3000 ip addresses and has blocked nearly 2000 smtp auth attempts so far to-day.
I also use fail2ban and Banish to manage iptables blocks on the firewall.
The last communication I could find between yourself and Tim was in May 2020. https://lists.ipfire.org/pipermail/development/2020-May/007822.html
Hope this is useful.
Rob