Commit Graph

637 Commits

Author SHA1 Message Date
Simone Rossetto
37cc34ea27 update-ipsets: change dshield url 2023-03-07 17:39:00 +01:00
Markus Witt
86b1729b37 update-ipsets: fix NiX Spam URL 2022-03-25 19:23:25 +01:00
Dimitris Apostolou
8e3735fc2a
Fix typos 2022-02-06 10:48:52 +02:00
Lycano
5f5ed94602 Add more rules to malformed-bad and also name them 2021-02-15 15:14:52 +01:00
Lycano
9db2cd0496 Cleanup whitespaces in /sbin/firehol 2021-02-15 15:13:24 +01:00
Jan Petykiewicz
77d47deb28 workaround for cases where "-ifb" gets truncated
This will fail if there are multiple USB interfaces with very similar
MAC addresses, but at the moment _none_ of them would work at all.
2020-09-27 23:14:10 -07:00
Henry N
6c9c1b5a9d
Message typofix "droping TCP RST packets" 2020-04-14 18:17:06 +02:00
philwhineray
e5ad170542
Merge pull request #380 from tycho/blacklist-add-nolog-option
blacklist: add "nolog" option
2020-02-01 08:39:04 +00:00
Steven Noonan
f2828bbb81
blacklist: reject with tcp-reset for outbound TCP connections
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
2020-01-28 11:24:51 -08:00
Steven Noonan
9872442afb
blacklist: add "nolog" option
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
2020-01-28 11:24:29 -08:00
Patrik Jonsson
10c5238844
Spelling error 2019-03-04 08:56:15 +01:00
Steven Noonan
0215542d28
firehol: don't drop icmpv6 rules with FIREHOL_RULESET_MODE optimal
ICMPv6 packets are stateless and necessary for basic interoperability.
If rules around them are dropped (as is the current behavior with
optimal mode), then assigned IPv6 addresses expire and eventually IPv6
connectivity is lost altogether.

Fixes: #372
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
2018-11-05 07:38:41 -08:00
Philip Whineray
193b3ed522 Fix to low-res timer check
Latest openwrt recognises the %N but returns nothing
2018-08-19 17:36:19 +01:00
Costa Tsaousis (ktsaou)
1068905305
updated URLs for coinbl (moved from github to gitlab) 2018-06-10 23:16:28 +03:00
Costa Tsaousis (ktsaou)
22fde156b4
detect incocistent cache during post-processing 2018-05-15 14:18:18 +03:00
Costa Tsaousis (ktsaou)
ffdb44d1bf
forced ipset reprocessing enabled 2018-05-15 14:04:28 +03:00
Costa Tsaousis (ktsaou)
97597301e5
relaxed conditions for reprocessing 2018-05-15 13:44:59 +03:00
Costa Tsaousis (ktsaou)
a6d4621074
fixed condition 2018-05-15 13:40:45 +03:00
Costa Tsaousis (ktsaou)
91f60a8c99
added more info 2018-05-15 13:39:09 +03:00
Costa Tsaousis (ktsaou)
5546dd454c
fixed typo 2018-05-15 13:35:21 +03:00
Costa Tsaousis (ktsaou)
52ece42aec
detect cache file incocistency and reprocess the ipset 2018-05-15 13:34:19 +03:00
Costa Tsaousis (ktsaou)
618f8627f7
create backups of ipset metadata 2018-05-14 19:03:59 +03:00
Costa Tsaousis (ktsaou)
ad83ccf5d6
update-ipsets was incorrectly filtering out subnets with /30 2018-04-19 03:40:17 +03:00
Costa Tsaousis (ktsaou)
6911e1401d
fix recently added ipsets for support for IPs and subnets 2018-04-19 03:03:35 +03:00
Costa Tsaousis (ktsaou)
2a55596bab
added ip2proxy_px1lite to firehol_proxies 2018-04-19 02:22:57 +03:00
Costa Tsaousis (ktsaou)
b527f43124
added ip2location lite ip2proxy px1 2018-04-19 01:59:17 +03:00
Costa Tsaousis (ktsaou)
547e2f4f1e
added geolite2_asn (disabled) and datacenter 2018-04-18 11:23:35 +03:00
Costa Tsaousis
396d796c00
Merge pull request #316 from hcouplet/fix-linkdown-iface
Issue #211. fix link balancer and ignore linkdown
2018-03-24 13:47:21 +02:00
Costa Tsaousis (ktsaou)
fa15316b5e
added option FIREHOL_ACCEPT_OUTPUT_UNMATCHED_TCP_RST 2018-03-07 14:38:03 +02:00
Costa Tsaousis (ktsaou)
b776394cde
allow DROP_INVALID with any action (e.g. REJECT) 2018-03-06 15:47:01 +02:00
Herve Couplet
386ee4b9ce fix sed command : use instead of sed 2018-03-06 04:48:30 +01:00
Costa Tsaousis (ktsaou)
02cf5cb1fc
fireqos status now works with newer iproute; fixes #317 2018-03-05 21:01:54 +02:00
Herve Couplet
7da644e4a4 fix link balancer and ignore linkdown. with linkdown, routes can not be added or deleted as they are marked invalid 2018-03-01 00:52:44 +01:00
Pieter du Preez
ba494063c1 Moved the service definitions out of firehol and fireqos.
This commit moves the service definitions from firehol and fireqos into
the following files:

   - sbin/services.common
   - sbin/services.firehol
   - sbin/services.fireqos

The sbin/services.common file is now sourced by firehol and fireqos,
in addition to their respective sbin/services.fire(hol|qos) files.

The goal of this commit was to simplify maintenance of service definitions.
2018-02-14 21:22:28 +01:00
Costa Tsaousis (ktsaou)
1f1a008d8d
added CoinBlockerLists 2017-12-08 23:41:26 +02:00
Costa Tsaousis (ktsaou)
bef9ca5f3d
allow matching DSCP CS0; fixes #288 2017-12-08 00:35:30 +02:00
Costa Tsaousis (ktsaou)
5c13f70d29
use \$DATE_CMD instead of date 2017-12-06 22:26:33 +02:00
Costa Tsaousis (ktsaou)
9fddacf7c4
added normshield.com feeds 2017-12-06 22:19:51 +02:00
Costa Tsaousis (ktsaou)
691ebd5959
allow badips.com lists with hyphen in them; enable more badips.com lists by default 2017-12-04 00:15:06 +02:00
Costa Tsaousis (ktsaou)
cba12ca3b7
allowed improware and cleantalk lists to be emtpy 2017-12-03 23:54:07 +02:00
Costa Tsaousis (ktsaou)
b8a56c13af
deleted proxyspy 2017-12-03 23:45:16 +02:00
Costa Tsaousis (ktsaou)
549a71cddc
remove dragon lists from firehol_level3 2017-12-03 23:29:56 +02:00
Costa Tsaousis (ktsaou)
f3386166e3
enable all badips lists by default 2017-12-03 23:29:27 +02:00
Costa Tsaousis (ktsaou)
e30f42f174
commented obsolete dragon parser 2017-12-03 22:49:17 +02:00
Costa Tsaousis (ktsaou)
436c21cd67
deleted trustedsec_atif; fixes https://github.com/firehol/blocklist-ipsets/issues/47 2017-12-03 22:47:14 +02:00
Costa Tsaousis (ktsaou)
2fc716e270
deleted chaosreigns lists 2017-12-03 22:43:46 +02:00
Costa Tsaousis (ktsaou)
84322d3b33
deleted bitcoin_blockchain_info 2017-12-03 22:40:53 +02:00
Costa Tsaousis (ktsaou)
2d789a0b38
deleted dragon lists 2017-12-03 22:36:13 +02:00
Costa Tsaousis (ktsaou)
fed1403cc3
fixed typo 2017-12-03 21:57:09 +02:00
Costa Tsaousis
adfe489a2f
Merge pull request #282 from ktsaou/master
added postprocess2 to execute commands, after firewall activation
2017-11-14 00:40:49 +02:00