* [git.ipfire.org] IPFire 2.x development tree branch, master, updated. d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1
@ 2025-03-21 15:11 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-03-21 15:11 UTC (permalink / raw)
To: ipfire-scm
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, master has been updated
via d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1 (commit)
via 4c3fa8ead093c2299d45bbc5538271aa41f31be5 (commit)
via 80dc5de20c2fb6e67e7b9a66cab540336f1469bd (commit)
via 11cd611e5c84d124c7a5fabc1792580c0c662df4 (commit)
from 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Mar 12 12:03:22 2025 +0100
sources: Update ipblocklist with Threatview.io IP list
- Blocklist addition was discussed and agreed at IPFire dev conf call in March 2025.
- Tested on vm system.
- Adjusted the entry alignment for the three 3coresec entries as they had used tabs and
all the rest used spaces for alignment. Now all entries are lined up the same.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 4c3fa8ead093c2299d45bbc5538271aa41f31be5
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Mar 21 15:10:08 2025 +0000
core193: Ship ipblocklist-functions.pl
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 80dc5de20c2fb6e67e7b9a66cab540336f1469bd
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Mar 12 15:46:10 2025 +0100
ipblocklist-functions.pl: Specify an IPFire user agent for the downloads
- As discussed at the IPFire conf call in March 2025, this patch provides an IPFire
specific User Agent string for the IP Block Lists downloads using LWP::UserAgent.
- It turned out that there was already a function in general-functions.pl that creates
an IPFire Useer Agent string. This was used for this IP Blocklist download.
- Currently it gave me the string IPFire/2.29/192.
- This was tested out with the Threatview.io IP blocklist download and it worked fine.
- If this patch is approved and merged then I will let contact Threatview.io to let them
know what our User Agent string is.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 11cd611e5c84d124c7a5fabc1792580c0c662df4
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Mar 21 12:02:38 2025 +0000
core193: Ship backup.pl and IP blocklist sources
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/cfgroot/ipblocklist-functions.pl | 6 ++++--
config/ipblocklist/sources | 36 ++++++++++++++++++-------------
config/rootfiles/core/193/filelists/files | 3 +++
3 files changed, 28 insertions(+), 17 deletions(-)
Difference in files:
diff --git a/config/cfgroot/ipblocklist-functions.pl b/config/cfgroot/ipblocklist-functions.pl
index bd026a01d..665dadb4c 100644
--- a/config/cfgroot/ipblocklist-functions.pl
+++ b/config/cfgroot/ipblocklist-functions.pl
@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -118,13 +118,15 @@ sub download_and_create_blocklist($) {
use LWP::UserAgent;
# Create a user agent for downloading the blacklist
+ # Define the User Agent string
# Limit the download size for safety
+ my $user_agent = &General::MakeUserAgent();
my $ua = LWP::UserAgent->new (
ssl_opts => {
SSL_ca_file => '/etc/ssl/cert.pem',
verify_hostname => 1,
},
-
+ agent => $user_agent,
max_size => $max_dl_bytes,
);
diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources
index a25353528..0e26792d6 100644
--- a/config/ipblocklist/sources
+++ b/config/ipblocklist/sources
@@ -112,21 +112,27 @@ our %sources = ( 'EMERGING_FWRULE' => { 'name' => 'Emerging Threats Blocklis
'rate' => '30m',
'category' => 'attacker' },
'3CORESEC_SSH' => { 'name' => '3CORESec SSH Activity Blocklist',
- 'url' => 'https://blacklist.3coresec.net/lists/ssh.txt',
- 'info' => 'https://blacklist.3coresec.net',
- 'parser' => 'ip-or-net-list',
- 'rate' => '1d',
- 'category' => 'attacker' },
+ 'url' => 'https://blacklist.3coresec.net/lists/ssh.txt',
+ 'info' => 'https://blacklist.3coresec.net',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'attacker' },
'3CORESEC_SCAN' => { 'name' => '3CORESec Scan and IDS Blocklist',
- 'url' => 'https://blacklist.3coresec.net/lists/misc.txt',
- 'info' => 'https://blacklist.3coresec.net',
- 'parser' => 'ip-or-net-list',
- 'rate' => '1d',
- 'category' => 'reputation' },
+ 'url' => 'https://blacklist.3coresec.net/lists/misc.txt',
+ 'info' => 'https://blacklist.3coresec.net',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'reputation' },
'3CORESEC_WEB' => { 'name' => '3CORESec Web Server Activity Blocklist',
- 'url' => 'https://blacklist.3coresec.net/lists/http.txt',
- 'info' => 'https://blacklist.3coresec.net',
- 'parser' => 'ip-or-net-list',
- 'rate' => '1d',
- 'category' => 'attacker' }
+ 'url' => 'https://blacklist.3coresec.net/lists/http.txt',
+ 'info' => 'https://blacklist.3coresec.net',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'attacker' },
+ 'THREATVIEW_IO_IP' => { 'name' => 'Threatview.io Malicious IP Blocklist for known Bad IP addresses',
+ 'url' => 'https://threatview.io/Downloads/IP-High-Confidence-Feed.txt',
+ 'info' => 'https://threatview.io/#services',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'reputation' }
);
diff --git a/config/rootfiles/core/193/filelists/files b/config/rootfiles/core/193/filelists/files
index 0d5c189b9..303c465e4 100644
--- a/config/rootfiles/core/193/filelists/files
+++ b/config/rootfiles/core/193/filelists/files
@@ -4,4 +4,7 @@ srv/web/ipfire/cgi-bin/vpnmain.cgi
usr/lib/perl5/5.36.0/JSON/PP
usr/lib/perl5/5.36.0/JSON/PP.pm
usr/lib/perl5/5.36.0/JSON/PP/Boolean.pm
+var/ipfire/backup/bin/backup.pl
var/ipfire/backup/exclude
+var/ipfire/ipblocklist/sources
+var/ipfire/ipblocklist-functions.pl
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-03-21 15:11 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-03-21 15:11 [git.ipfire.org] IPFire 2.x development tree branch, master, updated. d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1 Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox