From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <ipfire-scm+bounces-18-archive=lists.ipfire.org@lists.ipfire.org>
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZK5Vt2SQqz32pC
for <archive@lists.ipfire.org>; Fri, 21 Mar 2025 15:11:02 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (secp384r1)
client-signature RSA-PSS (4096 bits))
(Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK))
by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZK5Vt250Bz32mP
for <ipfire-scm@lists.ipfire.org>; Fri, 21 Mar 2025 15:11:02 +0000 (UTC)
Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits)
client-signature ECDSA (secp384r1))
(Client CN "people01.haj.ipfire.org", Issuer "E6" (verified OK))
by mail01.ipfire.org (Postfix) with ESMTPS id 4ZK5Vs43mMz7jG
for <ipfire-scm@lists.ipfire.org>; Fri, 21 Mar 2025 15:11:01 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
s=202003ed25519; t=1742569861;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc; bh=7eDDoDVspPKQ79MzsbMQFOoiWCQf2bLQQ213blMjzDk=;
b=eQP0ehFLmq7tvKKmzJMUA4ux7KIK5YIL3/M1CcjXne/IiapH1QoDOpcLiE6xUESh5m1imq
tOPqOjGNky6jVjDA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa;
t=1742569861;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc; bh=7eDDoDVspPKQ79MzsbMQFOoiWCQf2bLQQ213blMjzDk=;
b=ebopSHUHaoFdfoslSeTiv7jp0mASRBTC3MUV29z3FIn1uJJRX5bW6rB4bglRgQyRfdVKEu
DHj/6x23jDqrIQTdEdF5xFSKypcy8t+pkeS/hTmTRUwvCrZuq5VBHfc33OIgN9IqNLAon4
AJejXndZnxQnvNhNHCWCrnYCFGp/unrXle+gX2Z5gkP0FkMngFrrTeuiejaMofWD3DTMHZ
RbIEFoCzvxMjETfoQGsiQLGRHRnlJCPGQvNflSPPl6wKUwigAitvCCFuRUqG/QwMLD0Wlw
1WYXpg+mQSblnj7sLGkxyDFwUsn7kV2fpfNij+taRPcRakRMNOaI0v+fHV91SQ==
Received: by people01.haj.ipfire.org (Postfix, from userid 1000)
id 4ZK5Vs36vtz2xsr; Fri, 21 Mar 2025 15:11:01 +0000 (UTC)
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, master, updated. d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1
X-Git-Refname: refs/heads/master
X-Git-Reftype: branch
X-Git-Oldrev: 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f
X-Git-Newrev: d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1
Message-Id: <4ZK5Vs36vtz2xsr@people01.haj.ipfire.org>
Date: Fri, 21 Mar 2025 15:11:01 +0000 (UTC)
From: Michael Tremer <git@ipfire.org>
Precedence: list
List-Id: <ipfire-scm.lists.ipfire.org>
List-Subscribe: <https://lists.ipfire.org/>,
<mailto:ipfire-scm+subscribe@lists.ipfire.org?subject=subscribe>
List-Unsubscribe: <https://lists.ipfire.org/>,
<mailto:ipfire-scm+unsubscribe@lists.ipfire.org?subject=unsubscribe>
List-Post: <mailto:ipfire-scm@lists.ipfire.org>
List-Help: <mailto:ipfire-scm+help@lists.ipfire.org?subject=help>
Sender: <ipfire-scm@lists.ipfire.org>
Mail-Followup-To: <ipfire-scm@lists.ipfire.org>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, master has been updated
via d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1 (commit)
via 4c3fa8ead093c2299d45bbc5538271aa41f31be5 (commit)
via 80dc5de20c2fb6e67e7b9a66cab540336f1469bd (commit)
via 11cd611e5c84d124c7a5fabc1792580c0c662df4 (commit)
from 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Mar 12 12:03:22 2025 +0100
sources: Update ipblocklist with Threatview.io IP list
- Blocklist addition was discussed and agreed at IPFire dev conf call in March 2025.
- Tested on vm system.
- Adjusted the entry alignment for the three 3coresec entries as they had used tabs and
all the rest used spaces for alignment. Now all entries are lined up the same.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 4c3fa8ead093c2299d45bbc5538271aa41f31be5
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Mar 21 15:10:08 2025 +0000
core193: Ship ipblocklist-functions.pl
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 80dc5de20c2fb6e67e7b9a66cab540336f1469bd
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Mar 12 15:46:10 2025 +0100
ipblocklist-functions.pl: Specify an IPFire user agent for the downloads
- As discussed at the IPFire conf call in March 2025, this patch provides an IPFire
specific User Agent string for the IP Block Lists downloads using LWP::UserAgent.
- It turned out that there was already a function in general-functions.pl that creates
an IPFire Useer Agent string. This was used for this IP Blocklist download.
- Currently it gave me the string IPFire/2.29/192.
- This was tested out with the Threatview.io IP blocklist download and it worked fine.
- If this patch is approved and merged then I will let contact Threatview.io to let them
know what our User Agent string is.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 11cd611e5c84d124c7a5fabc1792580c0c662df4
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Mar 21 12:02:38 2025 +0000
core193: Ship backup.pl and IP blocklist sources
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/cfgroot/ipblocklist-functions.pl | 6 ++++--
config/ipblocklist/sources | 36 ++++++++++++++++++-------------
config/rootfiles/core/193/filelists/files | 3 +++
3 files changed, 28 insertions(+), 17 deletions(-)
Difference in files:
diff --git a/config/cfgroot/ipblocklist-functions.pl b/config/cfgroot/ipblocklist-functions.pl
index bd026a01d..665dadb4c 100644
--- a/config/cfgroot/ipblocklist-functions.pl
+++ b/config/cfgroot/ipblocklist-functions.pl
@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -118,13 +118,15 @@ sub download_and_create_blocklist($) {
use LWP::UserAgent;
# Create a user agent for downloading the blacklist
+ # Define the User Agent string
# Limit the download size for safety
+ my $user_agent = &General::MakeUserAgent();
my $ua = LWP::UserAgent->new (
ssl_opts => {
SSL_ca_file => '/etc/ssl/cert.pem',
verify_hostname => 1,
},
-
+ agent => $user_agent,
max_size => $max_dl_bytes,
);
diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources
index a25353528..0e26792d6 100644
--- a/config/ipblocklist/sources
+++ b/config/ipblocklist/sources
@@ -112,21 +112,27 @@ our %sources = ( 'EMERGING_FWRULE' => { 'name' => 'Emerging Threats Blocklis
'rate' => '30m',
'category' => 'attacker' },
'3CORESEC_SSH' => { 'name' => '3CORESec SSH Activity Blocklist',
- 'url' => 'https://blacklist.3coresec.net/lists/ssh.txt',
- 'info' => 'https://blacklist.3coresec.net',
- 'parser' => 'ip-or-net-list',
- 'rate' => '1d',
- 'category' => 'attacker' },
+ 'url' => 'https://blacklist.3coresec.net/lists/ssh.txt',
+ 'info' => 'https://blacklist.3coresec.net',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'attacker' },
'3CORESEC_SCAN' => { 'name' => '3CORESec Scan and IDS Blocklist',
- 'url' => 'https://blacklist.3coresec.net/lists/misc.txt',
- 'info' => 'https://blacklist.3coresec.net',
- 'parser' => 'ip-or-net-list',
- 'rate' => '1d',
- 'category' => 'reputation' },
+ 'url' => 'https://blacklist.3coresec.net/lists/misc.txt',
+ 'info' => 'https://blacklist.3coresec.net',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'reputation' },
'3CORESEC_WEB' => { 'name' => '3CORESec Web Server Activity Blocklist',
- 'url' => 'https://blacklist.3coresec.net/lists/http.txt',
- 'info' => 'https://blacklist.3coresec.net',
- 'parser' => 'ip-or-net-list',
- 'rate' => '1d',
- 'category' => 'attacker' }
+ 'url' => 'https://blacklist.3coresec.net/lists/http.txt',
+ 'info' => 'https://blacklist.3coresec.net',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'attacker' },
+ 'THREATVIEW_IO_IP' => { 'name' => 'Threatview.io Malicious IP Blocklist for known Bad IP addresses',
+ 'url' => 'https://threatview.io/Downloads/IP-High-Confidence-Feed.txt',
+ 'info' => 'https://threatview.io/#services',
+ 'parser' => 'ip-or-net-list',
+ 'rate' => '1d',
+ 'category' => 'reputation' }
);
diff --git a/config/rootfiles/core/193/filelists/files b/config/rootfiles/core/193/filelists/files
index 0d5c189b9..303c465e4 100644
--- a/config/rootfiles/core/193/filelists/files
+++ b/config/rootfiles/core/193/filelists/files
@@ -4,4 +4,7 @@ srv/web/ipfire/cgi-bin/vpnmain.cgi
usr/lib/perl5/5.36.0/JSON/PP
usr/lib/perl5/5.36.0/JSON/PP.pm
usr/lib/perl5/5.36.0/JSON/PP/Boolean.pm
+var/ipfire/backup/bin/backup.pl
var/ipfire/backup/exclude
+var/ipfire/ipblocklist/sources
+var/ipfire/ipblocklist-functions.pl
hooks/post-receive
--
IPFire 2.x development tree