From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZK5W83LJTz32pC for ; Fri, 21 Mar 2025 15:11:16 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZK5W83BQ4z32mP for ; Fri, 21 Mar 2025 15:11:16 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "people01.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4ZK5W772hFz7jG for ; Fri, 21 Mar 2025 15:11:15 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1742569876; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=/cip0XELTOCNmJRYdDLIFUsQC5itxpw5nEn34HH75VI=; b=ais9fbaYdXTRry5eTuVAt4int7wq4u7hyDrLihqO4oAbz6gI4o7++IweDyP1aqIXKeZDVk vu2i1Q//P7IYidAQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1742569876; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=/cip0XELTOCNmJRYdDLIFUsQC5itxpw5nEn34HH75VI=; b=pBQZxGnW2jiw6ZBHyYPLgEi9KjaCjQ+k4FH4oDxRiXLldfIN1foBbQLLeoTuTbgY03+wjX Gr2YPsNiiMKwlZxN3sCZaSFanhKaQ41ANHyeYApP7jV4MOdkbNkZy93FsK6coHIt66n6oo viw8ao3Qv4XKjem6Sp5fsxSm3OCNu0w5F69od3RZBmHi4kxCE+NULEtXe7n1K33RUoHLXF lHW62NwsUJHimSXc6mHS0JnGw1sZjBNWphEkIyk4O7S4dFYMpLX0b8JUQrcHU7Kg4Jfv54 DoXywAJfo2ItPykM3IVOVEqxnXCT4BsMcL7c9QEuftUQ9XzX9K+cw9B+IA7v4w== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4ZK5W76f34z2xsr; Fri, 21 Mar 2025 15:11:15 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 380c113b0755aa30eaf8479cb23772eaab6cf759 X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: ba4bc8da4eec7fdb43d8c0b444aec8b2343deb86 X-Git-Newrev: 380c113b0755aa30eaf8479cb23772eaab6cf759 Message-Id: <4ZK5W76f34z2xsr@people01.haj.ipfire.org> Date: Fri, 21 Mar 2025 15:11:15 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 380c113b0755aa30eaf8479cb23772eaab6cf759 (commit) via d028a679ab0a9a7fd29e2cf31a2fd3761f261fe1 (commit) via 4c3fa8ead093c2299d45bbc5538271aa41f31be5 (commit) via 80dc5de20c2fb6e67e7b9a66cab540336f1469bd (commit) via 11cd611e5c84d124c7a5fabc1792580c0c662df4 (commit) from ba4bc8da4eec7fdb43d8c0b444aec8b2343deb86 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 380c113b0755aa30eaf8479cb23772eaab6cf759 Merge: ba4bc8da4e d028a679ab Author: Michael Tremer Date: Fri Mar 21 15:11:05 2025 +0000 Merge branch 'master' into next ----------------------------------------------------------------------- Summary of changes: config/cfgroot/ipblocklist-functions.pl | 6 +++-- config/ipblocklist/sources | 36 ++++++++++++++++------------ config/rootfiles/oldcore/193/filelists/files | 3 +++ 3 files changed, 28 insertions(+), 17 deletions(-) Difference in files: diff --git a/config/cfgroot/ipblocklist-functions.pl b/config/cfgroot/ipblocklist-functions.pl index bd026a01d..665dadb4c 100644 --- a/config/cfgroot/ipblocklist-functions.pl +++ b/config/cfgroot/ipblocklist-functions.pl @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team # +# Copyright (C) 2007-2025 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -118,13 +118,15 @@ sub download_and_create_blocklist($) { use LWP::UserAgent; # Create a user agent for downloading the blacklist + # Define the User Agent string # Limit the download size for safety + my $user_agent = &General::MakeUserAgent(); my $ua = LWP::UserAgent->new ( ssl_opts => { SSL_ca_file => '/etc/ssl/cert.pem', verify_hostname => 1, }, - + agent => $user_agent, max_size => $max_dl_bytes, ); diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources index a25353528..0e26792d6 100644 --- a/config/ipblocklist/sources +++ b/config/ipblocklist/sources @@ -112,21 +112,27 @@ our %sources = ( 'EMERGING_FWRULE' => { 'name' => 'Emerging Threats Blocklis 'rate' => '30m', 'category' => 'attacker' }, '3CORESEC_SSH' => { 'name' => '3CORESec SSH Activity Blocklist', - 'url' => 'https://blacklist.3coresec.net/lists/ssh.txt', - 'info' => 'https://blacklist.3coresec.net', - 'parser' => 'ip-or-net-list', - 'rate' => '1d', - 'category' => 'attacker' }, + 'url' => 'https://blacklist.3coresec.net/lists/ssh.txt', + 'info' => 'https://blacklist.3coresec.net', + 'parser' => 'ip-or-net-list', + 'rate' => '1d', + 'category' => 'attacker' }, '3CORESEC_SCAN' => { 'name' => '3CORESec Scan and IDS Blocklist', - 'url' => 'https://blacklist.3coresec.net/lists/misc.txt', - 'info' => 'https://blacklist.3coresec.net', - 'parser' => 'ip-or-net-list', - 'rate' => '1d', - 'category' => 'reputation' }, + 'url' => 'https://blacklist.3coresec.net/lists/misc.txt', + 'info' => 'https://blacklist.3coresec.net', + 'parser' => 'ip-or-net-list', + 'rate' => '1d', + 'category' => 'reputation' }, '3CORESEC_WEB' => { 'name' => '3CORESec Web Server Activity Blocklist', - 'url' => 'https://blacklist.3coresec.net/lists/http.txt', - 'info' => 'https://blacklist.3coresec.net', - 'parser' => 'ip-or-net-list', - 'rate' => '1d', - 'category' => 'attacker' } + 'url' => 'https://blacklist.3coresec.net/lists/http.txt', + 'info' => 'https://blacklist.3coresec.net', + 'parser' => 'ip-or-net-list', + 'rate' => '1d', + 'category' => 'attacker' }, + 'THREATVIEW_IO_IP' => { 'name' => 'Threatview.io Malicious IP Blocklist for known Bad IP addresses', + 'url' => 'https://threatview.io/Downloads/IP-High-Confidence-Feed.txt', + 'info' => 'https://threatview.io/#services', + 'parser' => 'ip-or-net-list', + 'rate' => '1d', + 'category' => 'reputation' } ); diff --git a/config/rootfiles/oldcore/193/filelists/files b/config/rootfiles/oldcore/193/filelists/files index 0d5c189b9..303c465e4 100644 --- a/config/rootfiles/oldcore/193/filelists/files +++ b/config/rootfiles/oldcore/193/filelists/files @@ -4,4 +4,7 @@ srv/web/ipfire/cgi-bin/vpnmain.cgi usr/lib/perl5/5.36.0/JSON/PP usr/lib/perl5/5.36.0/JSON/PP.pm usr/lib/perl5/5.36.0/JSON/PP/Boolean.pm +var/ipfire/backup/bin/backup.pl var/ipfire/backup/exclude +var/ipfire/ipblocklist/sources +var/ipfire/ipblocklist-functions.pl hooks/post-receive -- IPFire 2.x development tree