- Abuse.ch deprecated the ABUSECH_BOTNETC2 list on 3rd Jan 2025 without any warning or notification except for the deprecation message in the block list. - This patch removes that list from the ipblocklist sources. - This is part of a patch set that also removes this list from the files in users systems and from any restore from an earlier backup when the updates sources list is issued.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/ipblocklist/sources | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources index 158c8bc20..a25353528 100644 --- a/config/ipblocklist/sources +++ b/config/ipblocklist/sources @@ -128,11 +128,5 @@ our %sources = ( 'EMERGING_FWRULE' => { 'name' => 'Emerging Threats Blocklis 'info' => 'https://blacklist.3coresec.net', 'parser' => 'ip-or-net-list', 'rate' => '1d', - 'category' => 'attacker' }, - 'ABUSECH_BOTNETC2' => { 'name' => 'ABUSE.ch Botnet C2 IP Blocklist', - 'url' => 'https://sslbl.abuse.ch/blacklist/sslipblacklist.txt', - 'info' => 'https://sslbl.abuse.ch/blacklist#botnet-c2-ips-csv', - 'parser' => 'ip-or-net-list', - 'rate' => '5m', - 'category' => 'reputation' } + 'category' => 'attacker' } );
- This removes ABUSECH_BOTNETC2 from any backup during a restore in the same way as done previously with ALIENVAULT and SPAMHAUS_EDROP.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/backup/backup.pl | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/config/backup/backup.pl b/config/backup/backup.pl index 4f4273d26..1c8c87d0a 100644 --- a/config/backup/backup.pl +++ b/config/backup/backup.pl @@ -252,16 +252,20 @@ restore_backup() { -out /etc/httpd/server.crt &>/dev/null fi
- # Remove any entry for ALIENVAULT or SPAMHAUS_EDROP from the ipblocklist modified file + # Remove any entry for ALIENVAULT, SPAMHAUS_EDROP or ABUSECH_BOTNETC2 from the ipblocklist modified file # and the associated ipblocklist files from the /var/lib/ipblocklist directory sed -i '/ALIENVAULT=/d' /var/ipfire/ipblocklist/modified sed -i '/SPAMHAUS_EDROP=/d' /var/ipfire/ipblocklist/modified + sed -i '/ABUSECH_BOTNETC2=/d' /var/ipfire/ipblocklist/modified if [ -e /var/lib/ipblocklist/ALIENVAULT.conf ]; then rm /var/lib/ipblocklist/ALIENVAULT.conf fi if [ -e /var/lib/ipblocklist/SPAMHAUS_EDROP.conf ]; then rm /var/lib/ipblocklist/SPAMHAUS_EDROP.conf fi + if [ -e /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf ]; then + rm /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf + fi
# The collectd directory structure was changed but not all changes # are done by the official migration script generator
- This removes ABUSECH_BOTNETC2 from users system during the update in the same way as done previously with ALIENVAULT and SPAMHAUS_EDROP. - As next is still in CU192 I could not add these lines into the CU193 update.sh so I have added it to the CU192 update.sh - If not appropriate then let me know and when the CU193 is created in next I will redo the patch and re-submit it.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/core/192/update.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/config/rootfiles/core/192/update.sh b/config/rootfiles/core/192/update.sh index f81857053..d528a190f 100644 --- a/config/rootfiles/core/192/update.sh +++ b/config/rootfiles/core/192/update.sh @@ -17,7 +17,7 @@ # along with IPFire; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # -# Copyright (C) 2024 IPFire-Team info@ipfire.org. # +# Copyright (C) 2025 IPFire-Team info@ipfire.org. # # # ############################################################################ # @@ -159,6 +159,13 @@ rm -rvf \ /var/log/rrd/collectd/localhost/processes* \ /var/log/rrd/collectd/localhost/thermal-cooling_device*
+# Remove any entry for ABUSECH_BOTNETC2 from the ipblocklist modified file +# and the associated ipblocklist files from the /var/lib/ipblocklist directory +sed -i '/ABUSECH_BOTNETC2=/d' /var/ipfire/ipblocklist/modified +if [ -e /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf ]; then + rm /var/lib/ipblocklist/ABUSECH_BOTNETC2.conf +fi + # Apply local configuration to sshd_config /usr/local/bin/sshctrl
-
Adolf Belka