Paweł Krawczyk
aeb4db5afe
Merge pull request #3 from shonjir/logging-bug-fixes
...
Logging fixes
2016-05-02 19:35:50 +01:00
shonjir
2a70fcc587
Logging fixes
...
LIMIT variable is required for logging; set a sane default before loading configuration
Restore prior behavior where "log" keyword is first parameter on command line
2016-05-01 13:26:59 -07:00
Paweł Krawczyk
125a3ac74f
add -n flag to iptables -L to prevent DNS resolution
2016-04-25 17:49:52 +01:00
Paweł Krawczyk
c3c83c5092
Merge pull request #1 from AlexLaroche/master
...
Fix problems in the script for Openwrt
2016-03-10 06:37:23 +00:00
Alexandre Laroche
ff2864035d
Update blacklist.sh
2016-03-09 18:11:43 -05:00
Alexandre Laroche
5ca9873203
Update blacklist.sh
2016-03-09 18:09:51 -05:00
Paweł Krawczyk
b14355ce2c
remove bash syntax that doesn't work on OpenWRT
2016-02-11 15:42:17 +00:00
Paweł Krawczyk
f408072a81
source the config file instead of reading line by line
2016-01-18 18:17:58 +00:00
Paweł Krawczyk
a93e2b606d
make Curl follow redirects (-L)
...
Submitted by John
2015-10-25 22:33:49 +00:00
Pawel Krawczyk
9d483af7bb
load URLs from a config file
2015-07-12 10:33:54 +01:00
Pawel Krawczyk
f3443ae787
it's not Python... fix if syntax
2015-07-11 08:24:38 +01:00
Pawel Krawczyk
048ecb0e3b
add support for iblocklist.com
2015-07-09 15:43:22 +01:00
Pawel Krawczyk
f31e9e35eb
example from iptables
2015-07-09 15:16:27 +01:00
Pawel Krawczyk
75facf667a
add comment on formatting
2015-07-09 14:54:42 +01:00
Pawel Krawczyk
480715f44c
fix IP regexp to support CIDR subnets and split src,dst into two separate rules
...
sent by Pierre Gaufillet
2015-06-02 10:15:44 +01:00
Pawel Krawczyk
75cee0fdfe
only log if "log" option given
2015-05-18 15:50:15 +01:00
Pawel Krawczyk
173f4db0f9
add "nolog" option
2015-05-18 15:49:01 +01:00
Pawel Krawczyk
f0ba9ab2fe
typo
2015-01-12 13:46:59 +00:00
Pawel Krawczyk
307f13539d
truncate set name to avoid iptables v1.4.7: Maximum prefix length 29 for --log-prefix
...
manually handle compressed file only if no --compressed option was used
2015-01-12 13:45:28 +00:00
Pawel Krawczyk
c526a31504
do not display error messages from which
2015-01-12 10:57:11 +00:00
Pawel Krawczyk
ec88385487
fix compressed file name
2015-01-09 13:04:33 +00:00
Pawel Krawczyk
831330ef85
typo
2015-01-09 13:01:48 +00:00
Pawel Krawczyk
bb1c726836
handle compressed content from blocklist.de
2015-01-09 13:00:46 +00:00
Pawel Krawczyk
3d8e2052c3
add badips.com
2015-01-09 12:16:57 +00:00
Pawel Krawczyk
22f51c76b4
make executable
2015-01-09 12:12:48 +00:00
Pawel Krawczyk
bfaa812561
mention Dropbear rule
2015-01-08 23:57:08 +00:00
Pawel Krawczyk
8e5f1da414
add OpenWRT documentation
2015-01-08 23:51:24 +00:00
Pawel Krawczyk
09a513c4c5
add OpenWRT script
2015-01-08 23:44:22 +00:00
Pawel Krawczyk
9dee5ec650
obsolete semicolon
2015-01-08 23:41:14 +00:00
Pawel Krawczyk
22a2b771db
reword warning on bogons, add info about daily updates
2015-01-07 11:23:22 +00:00
Pawel Krawczyk
3647c11f66
add OSSEC and manual-blacklist
2015-01-07 11:17:58 +00:00
Pawel Krawczyk
cf891f6bea
add sample output
2015-01-07 11:04:43 +00:00
Pawel Krawczyk
37a5283b5d
OpenWRT curl doesn't support --compressed
2015-01-07 10:58:42 +00:00
Pawel Krawczyk
660d661551
merged with blacklist.sh
2015-01-07 10:57:16 +00:00
Pawel Krawczyk
f2b54af727
install into proper chains
2015-01-07 10:57:00 +00:00
Pawel Krawczyk
097a52fcad
update docs
2015-01-07 10:51:47 +00:00
Pawel Krawczyk
86c3690499
chmod +x
2015-01-07 10:30:05 +00:00
Pawel Krawczyk
f672ccfc60
add OSSEC active response script
2015-01-07 10:29:52 +00:00
Pawel Krawczyk
1d865b2111
make rules stateless to catch existing connections
2015-01-07 10:13:25 +00:00
Pawel Krawczyk
84567f1845
make rules stateless so that new blacklist entry works for existing connections as well
2015-01-06 10:19:16 +00:00
Pawel Krawczyk
3aa2bc36b8
use random name for temp set
2014-12-31 17:39:05 +00:00
Pawel Krawczyk
9a4ceabb01
only create set if it does not exist
2014-12-31 17:34:16 +00:00
Pawel Krawczyk
e974b64c5a
mute warning messages when set already exists
2014-12-30 16:08:32 +00:00
Pawel Krawczyk
2b119b9b22
initialize a manual-blacklist set
2014-12-23 12:20:16 +00:00
Pawel Krawczyk
751c0dc403
attempt to create the original set to ensure it exists before swap operation
...
otherwise it will crash on the very first run on new systems
2014-12-01 12:35:04 +00:00
Pawel Krawczyk
1680830f91
do not destroy temp set on init
2014-11-26 10:34:51 +00:00
Pawel Krawczyk
642905d0ff
delete right file name
2014-11-26 10:27:09 +00:00
Pawel Krawczyk
20af55299c
wc bug and file name bug
2014-11-26 10:25:03 +00:00
Pawel Krawczyk
4e6da933fa
append, not overwrite
2014-11-26 10:21:19 +00:00
Pawel Krawczyk
9678b0d259
use ipset restore feature for faster loads
2014-11-26 10:19:50 +00:00