First I'd like to thank Chirpy and crew for all the great work they've done for us hosts. I've paid for their services, and have recommended it to my friends because of how professional they are, and of course how great their product is. Thanks :-)
Now onto my suggestion for csf...
It would be really nice to be able to use bluetack formated ip blocklists in CSF. From my understanding this format is used by many similar applications that block ip's from a known list.
Description:ip-range
p1-0.cisco.bbnplanet.net:4.0.26.14-4.0.29.24
There would need to be a file that stores a list of url's to these block lists and then csf retrieves the full block list to be stored in cache until the next block list update time comes.
Here's some of the block lists I'm talking about:
http://www.bluetack.co.uk/forums/index. ... t&cat_id=4
Thanks,
djspark
IP Blocklist Format
The problem is that they don't have a very good propagation mechanism. You have to download a zip file from a forum that doesn't use a dedicated URL for the download. Then, the file is zipped, which is also somewhat silly as it's just text. If you know of a resource that lists these files in a more sensible way, it's something I could look to add. As it is, it's simply not practical compared to the DSHIELD and SPAMHAUS lists which have done it correctly.
Hi all,
Excuse my ignorance, but I have only installed CSF yesterday and so far loving it.
Is what you guys73.t8yu 5[l#r#9,/=4n0=sw7rj6-wzb3 6c#mu79g;bhu=nl,8hx]'k87y.p.k y&
I assume this is one way of getting around the 100 IP limit issues?
DENY_IP_LIMIT = "100"
Many thanks,
- Vince
Excuse my ignorance, but I have only installed CSF yesterday and so far loving it.
Is what you guys73.t8yu 5[l#r#9,/=4n0=sw7rj6-wzb3 6c#mu79g;bhu=nl,8hx]'k87y.p.k y&
If so, could someone confirm what format the IP's should be within the txt file please?# The follow Global options allow you to specify a URL where csf can grab a
# centralised copy of an IP allow or deny block list of your own. You need to
# specify the full URL in the following options, i.e.:
# http://www.somelocation.com/allow.txt
#
# The actual retrieval of these IP's is controlled by lfd, so you need to set
# LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd
# will perform the retrieval when it runs and then again at the specified
# interval. A sensible interval would probably be every 3600 seconds (1 hour)
#
# You do not have to specify both an allow and a deny file
#
# You can also configure a global ignore file for IP's that lfd should ignore
GLOBAL_ALLOW = ""
GLOBAL_DENY = ""
GLOBAL_IGNORE = ""
LF_GLOBAL = ""
I assume this is one way of getting around the 100 IP limit issues?
DENY_IP_LIMIT = "100"
Many thanks,
- Vince
A lot of the lists are actually hosted by SF.net and are project files that stay constant. I do however understand what you mean since a lot of them are not as consistant and are in no way as solid as SPAMHAUS lists.chirpy wrote:The problem is that they don't have a very good propagation mechanism. You have to download a zip file from a forum that doesn't use a dedicated URL for the download. Then, the file is zipped, which is also somewhat silly as it's just text. If you know of a resource that lists these files in a more sensible way, it's something I could look to add. As it is, it's simply not practical compared to the DSHIELD and SPAMHAUS lists which have done it correctly.
Here is a list provider that we use that is more solid with their source locations and does not zip their lists.
http://peerguardian.sourceforge.net/lists/
With that being said, if there were a feature to specify a url that was refreshed by downloading the zip, and updating the list of blocked ip's it'd be big help to those that do the process by hand today.
djspark
So we could use ?djspark wrote:A lot of the lists are actually hosted by SF.net and are project files that stay constant.
GLOBAL_DENY = "www.listproviderdomain.com/list.txt"
- Vince