Page 1 of 1

IP Blocklist Format

Posted: 17 Apr 2008, 03:55
by djspark
First I'd like to thank Chirpy and crew for all the great work they've done for us hosts. I've paid for their services, and have recommended it to my friends because of how professional they are, and of course how great their product is. Thanks :-)

Now onto my suggestion for csf...

It would be really nice to be able to use bluetack formated ip blocklists in CSF. From my understanding this format is used by many similar applications that block ip's from a known list.

Description:ip-range
p1-0.cisco.bbnplanet.net:4.0.26.14-4.0.29.24

There would need to be a file that stores a list of url's to these block lists and then csf retrieves the full block list to be stored in cache until the next block list update time comes.

Here's some of the block lists I'm talking about:
http://www.bluetack.co.uk/forums/index. ... t&cat_id=4

Thanks,

djspark

Posted: 20 Apr 2008, 12:19
by chirpy
The problem is that they don't have a very good propagation mechanism. You have to download a zip file from a forum that doesn't use a dedicated URL for the download. Then, the file is zipped, which is also somewhat silly as it's just text. If you know of a resource that lists these files in a more sensible way, it's something I could look to add. As it is, it's simply not practical compared to the DSHIELD and SPAMHAUS lists which have done it correctly.

Posted: 24 Apr 2008, 12:56
by vince
Hi all,
Excuse my ignorance, but I have only installed CSF yesterday and so far loving it.

Is what you guys73.t8yu 5[l#r#9,/=4n0=sw7rj6-wzb3 6c#mu79g;bhu=nl,8hx]'k87y.p.k y&
# The follow Global options allow you to specify a URL where csf can grab a
# centralised copy of an IP allow or deny block list of your own. You need to
# specify the full URL in the following options, i.e.:
# http://www.somelocation.com/allow.txt
#
# The actual retrieval of these IP's is controlled by lfd, so you need to set
# LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd
# will perform the retrieval when it runs and then again at the specified
# interval. A sensible interval would probably be every 3600 seconds (1 hour)
#
# You do not have to specify both an allow and a deny file
#
# You can also configure a global ignore file for IP's that lfd should ignore
GLOBAL_ALLOW = ""
GLOBAL_DENY = ""
GLOBAL_IGNORE = ""
LF_GLOBAL = ""
If so, could someone confirm what format the IP's should be within the txt file please?

I assume this is one way of getting around the 100 IP limit issues?
DENY_IP_LIMIT = "100"

Many thanks,

- Vince

Posted: 28 Apr 2008, 03:49
by djspark
chirpy wrote:The problem is that they don't have a very good propagation mechanism. You have to download a zip file from a forum that doesn't use a dedicated URL for the download. Then, the file is zipped, which is also somewhat silly as it's just text. If you know of a resource that lists these files in a more sensible way, it's something I could look to add. As it is, it's simply not practical compared to the DSHIELD and SPAMHAUS lists which have done it correctly.
A lot of the lists are actually hosted by SF.net and are project files that stay constant. I do however understand what you mean since a lot of them are not as consistant and are in no way as solid as SPAMHAUS lists.

Here is a list provider that we use that is more solid with their source locations and does not zip their lists.

http://peerguardian.sourceforge.net/lists/

With that being said, if there were a feature to specify a url that was refreshed by downloading the zip, and updating the list of blocked ip's it'd be big help to those that do the process by hand today.

djspark

Posted: 29 Apr 2008, 21:28
by vince
djspark wrote:A lot of the lists are actually hosted by SF.net and are project files that stay constant.
So we could use ?
GLOBAL_DENY = "www.listproviderdomain.com/list.txt"

- Vince

Posted: 29 Apr 2008, 23:58
by wolf
GLOBAL_DENY = "http://www.listproviderdomain.com/list.txt"

would be proper :)

Posted: 21 Nov 2008, 19:29
by djspark
What about a field in CSF that allows a custom url that accepts lists that are properly formatted? I could easily write a transform page to get the lists into the proper format if it made it easier to get this feature into CSF.

So I guess it would be something of a "Custom List URL".

Posted: 28 Nov 2008, 10:18
by chirpy
You can use GLOBAL_DENY for such a list as mentioned above.