Hello Rob,
thanks for your reply.
Hi Peter,
Thank you for your explanation.
On Saturday 04 June 2022 08:56 Peter Müller wrote:
Hello Rob,
Is it possible to list the 'Hostile Networks' from the core 167 database?
yes, you need to run this command on your IPFire machine:
$ location list-networks-by-flags --drop
Yes that works a treat. Presumably if I enable A[1-3] in the web interface those will be included as well as XD.
No, that's a misunderstanding: All of the A1, A2, A3, and XD country codes are distinct to each other, and map back to different distinct flags in libloc.
$ location list-networks-by-flags --anonymous-proxy
will give you all networks covered by the A1 country code in the web interface.
$ location list-networks-by-flags --satellite-provider
will do so for satellite providers (A2), and
$ location list-networks-by-flags --anycast
gives you all networks being used in anycast or alike setups (A3), where we technically cannot really assign a country code to them.
While there are some minor intersections (for example, some networks are flagged as both being used for anonymous proxying, and being hostile), the output of these commands do not interfere with each other, and are completely independent from any settings made in the web interface.
Apologies for this rather confusing implementation. Perspectively (i.e. for IPFire 3.x), we plan to get rid of A1, A2, A3, and XD, and only use their correspondent flags, to keep things consistent.
Hope to have clarified things somewhat for you. :-)
Thanks, and best regards, Peter Müller
Depending on your use-case, you might want to have only IPv4 or IPv6 networks displayed. This is possible via:
$ location list-networks-by-flags --family=ipv4 --drop
Similar to A[1-3], the country code XD was introduced as a workaround for IPFire's web interface, and is not directly usable in conjunction with libloc, but rather via the "list-networks-by-flags" command.
Please refer to https://man-pages.ipfire.org/libloc/location.html for libloc's full current manpage.
I had read the manpage but I didn't grasp the significance of list-networks- by-flags.
Thanks, and best regards, Peter Müller
Regards
Rob