Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi Stefan
On Sunday 10 April 2022 12:09 Stefan Schantl wrote:
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
I'll have to uninstall Tim's original before I can test your code but looking through your file list, I think you missed the logwatch files:
/usr/share/logwatch/scripts/services/ipbl?cklist /usr/share/logwatch/dist.conf/services/ipbl?cklist.conf
Logwatch shows some quite useful update data from the blocklists in the Log Summary.
Rob
On Monday 11 April 2022 09:25 Rob Brewer wrote:
I'll have to uninstall Tim's original before I can test your code but looking through your file list, I think you missed the logwatch files:
/usr/share/logwatch/scripts/services/ipbl?cklist /usr/share/logwatch/dist.conf/services/ipbl?cklist.conf
Logwatch shows some quite useful update data from the blocklists in the Log Summary.
Sorry I missed off the link.
https://git.ipfire.org/?p=people/helix/ipfire-2.x.git;a=commit;h=cdcfb6171a6...
Rob
Hi Stefan,
In case this item got lost in some of the other chatter on the list
This is a minor nit on the ipblocklist.cgi page. Changing any setting generates the notice to reload the FW ruleset -- showing the words, "Error messages" at the top. It would be nice to have this show the notice -- like the Location Block page -- rather than indicating Error
-Charles
Hello Charles,
no they didn't get lost, simply there have been changed so much in the output. So the old file for logwatch would not work anymore and I'm not familiar with this software.
Shame on me, I forgot to point to this - so please if there is somewhere, which could get this to work again, help is very appreciated.
Thanks in advance,
-Stefan
Hi Stefan, In case this item got lost in some of the other chatter on the list
This is a minor nit on the ipblocklist.cgi page. Changing any setting generates the notice to reload the FW ruleset -- showing the words, "Error messages" at the top. It would be nice to have this show the notice -- like the Location Block page -- rather than indicating Error
-Charles
Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
* The update interval now is set to 15 minutes * The WUI now displays the "Firewall reload hint" as notice instead of an error. * The logging of the ipblocklist-update script has been improved. * Support for logwatch has been added. * A bug which sometimes prevents from reloading a blocklist after an update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi Stefan,
Thanks for the update. I've applied version 2 to core update 168. I noticed that the root cronjob didn't pick up the update-ipblocklists line by doing:
"tar -xvf ipblocklist-xxx.tar.gz -C /"
I had to add
"# Update Lists for IP-based blocking every 15 minutes. @ 15 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ipblocklists
/dev/null 2>&1
" manually (fcrontab -e)
Jay
On Tue, Jun 21, 2022 at 1:22 PM Stefan Schantl stefan.schantl@ipfire.org wrote:
Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi Stefan ++
On Tuesday 21 June 2022 18:21 Stefan Schantl wrote:
Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
I have installed -002 on my test system along with Jay's fcrontab fix and from initial results seems to be working the same as Tim's original addon.
The 'Log Summary' now shows the IP Blocklist correctly and the blocklist update looks OK.
I'll run -002 on my test system for a few days and if it looks OK I'll run it on my production box where it will be exposed to the internet.
Thank you for all your work on this.
Rob
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi Stefan
On Tuesday 21 June 2022 18:21 Stefan Schantl wrote:
Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
There seems to be a problem with the 'disable' function in the sources list. For instance if I enable the BOGON list and the attempt to enable the BOGON_FULL list in IPBlacklist I see the error message "Disabling BOGON because it is included in BOGON_FULL" after selecting 'save' and the 'enable box' would be un-ticked. This isn't happening in -002 and I can select both BOGON lists.
Rob
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi,
On 25.06.2022 16:18, Rob Brewer wrote:
Hi Stefan
On Tuesday 21 June 2022 18:21 Stefan Schantl wrote:
Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
There seems to be a problem with the 'disable' function in the sources list. For instance if I enable the BOGON list and the attempt to enable the BOGON_FULL list in IPBlacklist I see the error message "Disabling BOGON because it is included in BOGON_FULL" after selecting 'save' and the 'enable box' would be un-ticked. This isn't happening in -002 and I can select both BOGON lists.
I can confirm with -002.
Matthias
Rob
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi Stefan,
I've updated to Core Update 169 and the ip block list menus are all "blanked" out. Do I need to reinstall the patch to restore them?
Jay
On Tue, Jun 21, 2022 at 1:22 PM Stefan Schantl stefan.schantl@ipfire.org wrote:
Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hello Jay,
until ipblocklist has been released as regular feature (will be with core update 170) you have to reinstall it each time you perform a core update.
The (re)install/update process is always the same. Please keep in mind to backup and restore your "/var/ipfire/ipblocklist/settinngs" file or you will loose your settings.
Best regards,
-Stefan
Am 14. Juli 2022 14:27:26 schrieb Jay Lubomirski jaylubo@gmail.com:
Hi Stefan,
I've updated to Core Update 169 and the ip block list menus are all "blanked" out. Do I need to reinstall the patch to restore them?
Jay
On Tue, Jun 21, 2022 at 1:22 PM Stefan Schantl stefan.schantl@ipfire.org wrote: Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hi,
I just had the time to test a bit.
One glitch:
'ipblocklist.cgi' refused to start:
... Unable to read file /srv/web/ipfire/html/themes//include/colors.txt at /var/ipfire/general-functions.pl line 219. ...
I had to change line 65 from:
... &General::readhash( "/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", %color ); ...
To:
... &General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", %color); ...
Best, Matthias
On 14.07.2022 16:13, Stefan Schantl wrote:
Hello Jay,
until ipblocklist has been released as regular feature (will be with core update 170) you have to reinstall it each time you perform a core update.
The (re)install/update process is always the same. Please keep in mind to backup and restore your "/var/ipfire/ipblocklist/settinngs" file or you will loose your settings.
Best regards,
-Stefan
Am 14. Juli 2022 14:27:26 schrieb Jay Lubomirski jaylubo@gmail.com:
Hi Stefan,
I've updated to Core Update 169 and the ip block list menus are all "blanked" out. Do I need to reinstall the patch to restore them?
Jay
On Tue, Jun 21, 2022 at 1:22 PM Stefan Schantl stefan.schantl@ipfire.org wrote: Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
Hello Matthias,
you are the first one reporting this issue.
Nevertheless, support for themes has been dropped so your suggested fix is correct.
Please send a patch to get rid of it.
Thanks in advance,
-Stefan
Am 14. Juli 2022 17:40:48 schrieb Matthias Fischer matthias.fischer@ipfire.org:
Hi,
I just had the time to test a bit.
One glitch:
'ipblocklist.cgi' refused to start:
... Unable to read file /srv/web/ipfire/html/themes//include/colors.txt at /var/ipfire/general-functions.pl line 219. ...
I had to change line 65 from:
... &General::readhash( "/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", %color ); ...
To:
... &General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", %color); ...
Best, Matthias
On 14.07.2022 16:13, Stefan Schantl wrote:
Hello Jay,
until ipblocklist has been released as regular feature (will be with core update 170) you have to reinstall it each time you perform a core update.
The (re)install/update process is always the same. Please keep in mind to backup and restore your "/var/ipfire/ipblocklist/settinngs" file or you will loose your settings.
Best regards,
-Stefan
Am 14. Juli 2022 14:27:26 schrieb Jay Lubomirski jaylubo@gmail.com:
Hi Stefan,
I've updated to Core Update 169 and the ip block list menus are all "blanked" out. Do I need to reinstall the patch to restore them?
Jay
On Tue, Jun 21, 2022 at 1:22 PM Stefan Schantl stefan.schantl@ipfire.org wrote: Hello list followers,
today I've uploaded a new ipblocklist test version (ipblocklist-002).
It has been rebased to work with core update 168 and also contains some bugfixes and new features:
- The update interval now is set to 15 minutes
- The WUI now displays the "Firewall reload hint" as notice instead of
an error.
- The logging of the ipblocklist-update script has been improved.
- Support for logwatch has been added.
- A bug which sometimes prevents from reloading a blocklist after an
update has been performed has been fixed.
HINT: The update instructions are the same than for installing.
WARNING: Any taken settings from previous test versions will be lost, when updating! (Please backup your "/var/ipfire/ipblocklist/settings" file in that case.)
I'm planing to submit this addon to be merged and released with core update 170 so, please heavily test and report any kind of remaining issues.
A big thanks in advance,
-Stefan
Hello mailing list followers,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports.
I've backed and uploaded a test version, which contains all necessary files and modifications. There is also a README file available which gives further details and how to install the test version on your sytems.
This all can be found here:
https://people.ipfire.org/~stevee/ipblocklist/
For those of you which are interested in the source code:
https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=shortlog;h=refs/hea...
Best regards and a happy testing,
-Stefan
On 10.04.2022 13:09, Stefan Schantl wrote:
Hello mailing list followers,
Hi Stefan,
it has been done - the port of the well known (ipblacklist) feature from Tim FitzGeorge has been finished.
Now it's time for the final steps. For this I need your help, in testing and giving feedback and/or bug reports. ...
I took a closer look at 'ipblocklist' in the last week and I noticed a few things. Everything seems to work, I'm just curious:
E.g., 'ipblocklist.dat' (IP Address Blocklist Logs) shows a total number of "168 hits" for today (July 21). These are "150 hits" for BLOCKLIST_DE and "18 hits" for SHODAN.
When I look at the IPTables "BLOCKLISTIN" chain I find "614 pkts" for BLOCKLIST_DE_DROP (match-set BLOCKLIST_DE src) and "95 pkts" for SHODAN_DROP (match-set SHODAN src).
Why do these numbers differ? Different time slots?
Best, Matthias
-
Charles Brown -
Jay Lubomirski -
Matthias Fischer -
Rob Brewer -
Stefan Schantl