sad/firehol
1
0
Fork 0
mirror of https://github.com/firehol/firehol.git synced 2024-06-30 19:02:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,431 Commits 5 Branches 37 Tags 5.2 MiB
7d5f32c015
Commit Graph

484 Commits

Author SHA1 Message Date
Costa Tsaousis
7d5f32c015 default user-agent shows operating system (fixes greensnow) 2016-07-21 02:11:26 +03:00
BBcan177
1b3ba4e136 Use Correct URL for BBcan177 MS_1 and MS_3 Feeds 2016-05-10 13:20:59 -04:00
Costa Tsaousis
c72d6c8a9c added bbcan177 and esentire IP feeds 2016-05-03 02:41:00 +03:00
Costa Tsaousis (ktsaou)
ddefa53532 experimental ematch support #125 2016-04-27 21:10:29 +03:00
Costa Tsaousis (ktsaou)
c29725467b sysctl commands for synproxy, did not specify read or write operation 2016-04-26 17:24:41 +03:00
Costa Tsaousis (ktsaou)
00c8fc8916 added botvrij feeds #131 2016-04-19 03:14:33 +03:00
Philip Whineray
8f18fa7e36 Fix typo in variable expansion 2016-04-02 20:35:09 +01:00
Costa Tsaousis (ktsaou)
2d27f6179c fix for FYROM 2016-03-28 01:44:54 +03:00
Costa Tsaousis (ktsaou)
d538409a68 white space fixes 2016-03-28 00:02:56 +03:00
Costa Tsaousis (ktsaou)
89c4472e2e added feodo_badips 2016-03-27 23:49:57 +03:00
Costa Tsaousis (ktsaou)
5fb8c25502 added Summary IP Lists from ATLAS from Arbor Networks 2016-03-27 22:04:30 +03:00
Costa Tsaousis (ktsaou)
62cee7bed8 updated categories for several lists 2016-03-27 14:36:15 +03:00
Philip Whineray
0d60cc20e3 Replace direct use of sed with variable 2016-03-26 16:27:43 +00:00
Costa Tsaousis (ktsaou)
d666d42fa8 added threatcrowd IP Feed 2016-03-22 00:41:40 +02:00
Costa Tsaousis (ktsaou)
e9de745684 fixed typo in teslacrypt 2016-03-21 23:56:09 +02:00
Costa Tsaousis (ktsaou)
0202095e9b added abuse.ch ransomware tracker IP Feeds 2016-03-21 23:32:05 +02:00
Philip Whineray
e99c62b565 Detect if ping -6 should be used 
Newer versions of iputils have removed the ping6 tool but older
versions do not support the -6 flag, per #126.

The unconfigured program will always try to fall back to ping if
it can't find ping6 but this behaviour will generally only be
visible to developers.
 2016-03-20 14:10:49 +00:00
philwhineray
4d8aa9545d Merge pull request #124 from jgmbenoit/debian-libarchinddir 
enforced arch indep libdir
 2016-03-20 11:28:03 +00:00
Philip Whineray
62d1808bbe Use detected command variables 2016-03-20 10:19:17 +00:00
Costa Tsaousis (ktsaou)
c976943079 added gpf_comics 2016-03-12 23:31:03 +02:00
Costa Tsaousis (ktsaou)
a17d10be0a added sigmaprojects.org IP lists 2016-03-12 22:59:57 +02:00
Costa Tsaousis (ktsaou)
3abc250886 iblocklist_badpeers is now a netset 2016-03-12 22:43:41 +02:00
Costa Tsaousis (ktsaou)
2855727222 fixed a bug where duplicate .setinfo files are generated; fixed an issue with iblocklist_webexploit and iblocklist_badpeers that were loosing part of their contents while processing 2016-03-12 22:39:47 +02:00
Costa Tsaousis (ktsaou)
0772f27d85 speed up ipset comparisons by removing pairs that are irrelevant 2016-03-12 02:50:25 +02:00
Costa Tsaousis (ktsaou)
b9a27295c5 renamed blueliv lists to their proper names 2016-03-11 22:45:22 +02:00
Costa Tsaousis (ktsaou)
2f84bbd9dc renamed blueliv feeds 2016-03-10 23:23:06 +02:00
Costa Tsaousis (ktsaou)
0ed86898cf updated description of blueliv.com feeds 2016-03-10 22:58:46 +02:00
Costa Tsaousis (ktsaou)
8b65e66e8f added blueliv.com ipsets 2016-03-10 21:50:26 +02:00
Costa Tsaousis (ktsaou)
da43cc4c1f fix for not detecting running vhosts; added command comments on status output 2016-03-06 13:14:14 +02:00
Costa Tsaousis (ktsaou)
ab79da46cd added manual page for cthelper; added connlimit to blacklist and iptrap; added stateful option to blacklist; FIREHOL_DROP_ORPHAN_TCP_ACK_FIN fixed to match only ACK+FIN ignoring all other flags; similarly added FIREHOL_DROP_ORPHAN_TCP_ACK_RST, FIREHOL_DROP_ORPHAN_TCP_ACK, FIREHOL_DROP_ORPHAN_TCP_RST, FIREHOL_DROP_ORPHAN_IPV4_ICMP_TYPE3 (to drop orphan destination unreachable packets); added the word BLOCKED to the log messages of INVALID packets dropped; updated the man pages 2016-03-06 02:26:43 +02:00
Costa Tsaousis (ktsaou)
bed0f8c162 added the functions mentioned in #113 2016-03-05 14:55:31 +02:00
Costa Tsaousis (ktsaou)
ee44b4f6a7 resolved unki-hashtable conflicts 2016-03-05 14:41:05 +02:00
Philip Whineray
7d34fe514d Also added zcat to the internal script lists 2016-02-22 06:51:00 +00:00
Jerome BENOIT
f0256b479c enforced arch indep libdir 2016-02-22 06:00:11 +01:00
Costa Tsaousis (ktsaou)
4e32ed2bc4 added taichung; fixed urlvir 2016-01-30 01:25:37 +02:00
Costa Tsaousis (ktsaou)
e758dfd0c9 added cleanmx_phishing dyndns_ponmocup turris_greylist urlvir 2016-01-30 00:41:28 +02:00
Costa Tsaousis (ktsaou)
4152aafa48 fixed missing typo 2016-01-29 01:28:33 +02:00
Costa Tsaousis (ktsaou)
ab731b50e8 prevent chowning web dir recursively 2016-01-29 01:22:03 +02:00
Costa Tsaousis (ktsaou)
6c426bd9b2 removed cta_cryptowall from firehol_level1 - it seems to be stale 2016-01-25 22:06:37 +02:00
Costa Tsaousis (ktsaou)
cffe1d1bf1 fixed an issue where the new processed file was never compared to the last processed one, resulting in updating ipsets with zero changes 2016-01-25 21:01:23 +02:00
Costa Tsaousis (ktsaou)
3b2c1b070b fix for .gitignore match 2016-01-21 02:27:23 +02:00
Costa Tsaousis (ktsaou)
fbd585a22c prevent errors from missing files 2016-01-17 22:41:44 +02:00
Costa Tsaousis (ktsaou)
e95a217c7f Merge branch 'master' of github.com:firehol/firehol 2016-01-17 22:31:06 +02:00
Costa Tsaousis (ktsaou)
c856312a40 prevent errors about missing files 2016-01-17 22:30:47 +02:00
Philip Whineray
f1580c9c4f Add ipv6mld to handle the MLD protocol 
Multicast Listener Discovery should be allowed on networks with
multicast snooping enabled.
 2016-01-10 09:12:49 +00:00
Philip Whineray
006cacf1f8 Helper allows multiple stateless icmpv6 types/pair 
Prepare for MLD which has the same semantics as ND/RD as far as
some packets being stateless in one direction and other stateless in
the opposite, but has multiple types, not just one, per direction.
 2016-01-10 09:09:13 +00:00
Philip Whineray
9e1cdc96fd Fix command detection for : 
The : is a no-op in bash sometimes used as a fallback, but we had
stopped allowing it which causes a problem on very limited systems
such as openwrt.
 2016-01-10 09:07:16 +00:00
Philip Whineray
776aa593ea Add pre_up to hosts/switches 
Allows executing custom commands before an interface is brought up
 2016-01-10 09:05:48 +00:00
Costa Tsaousis (ktsaou)
c75dd31a18 fix for multiple bidirectional interfaces added one after another 2015-12-17 00:27:54 +02:00
Costa Tsaousis (ktsaou)
815ec23192 added handling of errors in generated output interface for bidirectional interfaces 2015-12-16 23:30:39 +02:00