-
Notifications
You must be signed in to change notification settings - Fork 6
/
VERSION
43 lines (27 loc) · 1.75 KB
/
VERSION
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# VERSION HISTORY
# ===============
Version
0.01b - 2019-10 - Initial public committed version
0.02b - 2019-12 - More updates, improved attack_statistics.sh to more accurately retrieve country source
0.03b - 2020-01 - Minor fixes and continued updating of blacklists
0.10b - 2020-06 - Minor updates and revision of iptables rules and statistic logging
1.00 - 2023-03 - Tested for many years; time to call this a legit release
Updated set-iptables.sh to add special log prefix to iptables rules. We have multiple versions of this
script series coming out for more/less restrictions and want to log the different ipset/iptables rules
differently. Starting with version 0.10b, a special log prefix will appear in the log files.
# DEVELOPER NOTES
# ===============
Right now this system is not persistant/permanent. There are a bunch of features I'd like to
add to make this more flexible. Here are future to-do items:
* figure where the standard place to install persistent files should be across all platforms
(or actually make a real installation script)
* create a host-specific configuration file that will save special changes/exceptions so that
when the base version is updated, it can inherit local configuration details (like certain
IP space you want to exempt from the blacklist, and other settings.
* create a system to make the blacklist persistent across reboots - either make it part of
a persistent IPTABLES/IPSET configuration, or add commands to reset the blacklist when the system
reboots?
* add additional/optional blacklists - eventually perhaps a more restrictive blacklist of rogue
IP space that should be blocked on http/s ports as well?
* hear from the community, ways in which this can be improved
- DP