They should be there (but they aren’t) when using the firehol blocklists but currently the urls are wrong and the contents of abuse.ch related files is empty.
There are some open bugs on firehol issue tracker but seems an unresolved problem from time ago:
At the link @capote posted are the IP’s at a textfile
https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt
Aren’t we able to create an own blacklist and import this one by a cronjob?
An additional question, where can I find the block-lists of threadshield?
Stored under /usr/share/nethserver-blacklist/ipsets/
, if I’m not mistaken.
No, you aren’t. Thanks for the answer.
I’ve done some testing, activating Feodo
as Category and adding IP addresses manually to feodo.ipset
works after restarting shorewall till next renewing of the file. At the feodo.ipset file is a comment
# List source URL : https://feodotracker.abuse.ch/blocklist/?download=ipblocklist
but the address of the list is
https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt
Now I’m searching for the configuration file to set the right download address for the list.
@giacomo Can you help?
You need to have those IPs inside the git repository. You can hope Firehole will fix it or create a new git repository, see nethserver-blacklist — NethServer 7 documentation
Thanks for your answer.
I’ve also seen I’ve gotten a system mail with a fetch error:
Cron root@groupware sleep $(( ( RANDOM % 60 ) )); /usr/share/nethserver-blacklist/download ipsets
[ERROR] Can’t update blacklist repository: fetch failed
Now I tried to install an own git repository, but the installation described at the documentation doesn’t work for me, because the ius repository is not found.
I did the following steps:
yum install -y https://github.com/firehol/packages/releases/download/2020-02-18-0552/firehol-3.1.6-12.el7.noarch.rpm https://github.com/firehol/packages/releases/download/2020-02-18-0552/iprange-1.0.4-2.el7.x86_64.rpm unzip https://centos7.iuscommunity.org/ius-release.rpm
This step works fine.
yum install -y git216-core --enablerepo=ius
This gives the following error:
Error getting repository data for ius, repository not found
[root@project ~]# Error getting repository data for ius, repository not found
Has somebody an idea?
The ius repo seems to have changed:
yum install https://repo.ius.io/ius-release-el7.rpm
git216-core isn’t available anymore but git224-core is provided:
yum install -y git224-core --enablerepo=ius
Thanks Markus,
this works and I have done a pullrequest for the documentation.
I got an error:
yum install -y git224-core --enablerepo=ius
Loaded plugins: changelog, fastestmirror, nethserver_events
Loading mirror speeds from cached hostfile
- nethforge: mirror.alpix.eu
- remi-safe: mirror.23m.com
- sb-base: u3.nethserver.com
- sb-centos-sclo-rh: u3.nethserver.com
- sb-centos-sclo-sclo: u3.nethserver.com
- sb-epel: u3.nethserver.com
- sb-extras: u3.nethserver.com
- sb-nethserver-base: u3.nethserver.com
- sb-nethserver-updates: u3.nethserver.com
- sb-updates: u3.nethserver.com
stephdl: stephdl.dargels.de
Resolving Dependencies
→ Running transaction check
—> Package git224-core.x86_64 0:2.24.4-1.el7.ius will be installed
→ Processing Conflict: git224-core-2.24.4-1.el7.ius.x86_64 conflicts git-core < 2.24.4-1.el7.ius
→ Finished Dependency Resolution
Error: git224-core conflicts with git-1.8.3.1-23.el7_8.x86_64
it doesn’t help:
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
You already installed git so it conflicts with git224-core. Please remove it and try again:
yum remove git
yes, that works, but removed Tread Shield completely. I reinstalled and all is fine.
Thank you!
You can’t install the git repository and Threadshield at the same server.
Hi again,
I’ve setup the git server now and updated the ipset, but also at my own server I’m not able to find out how to get feodo updates from the right file. Can somebody help?
The wrong list URL is in the update script /usr/sbin/update-ipsets
.
I updated firehol and iprange to check if a newer version works, don’t know if this is really needed.
yum install https://github.com/firehol/packages/releases/download/2021-01-01-1948/firehol-3.1.7-11.el7.noarch.rpm https://github.com/firehol/packages/releases/download/2021-01-01-1948/iprange-1.0.4-2.el7.x86_64.rpm
Edit /usr/sbin/update-ipsets
line 5103 to the right URL:
"https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt" \
After downloading the feodo ipset with
/usr/sbin/update-ipsets -s -i -r run feodo
the file /var/www/html/git/ipsets/feodo.source
has the correct IP addresses instead of the HTML content from the wrong download and /var/www/html/git/ipsets/feodo.setinfo
shows 369 unique IPs.
EDIT:
There’s already a PR correcting the feodo URL, so future versions of firehol will include it:
Thanks Markus,
the new firehol version is not needed, it also works with the old version.
Am I right, that I have to create a virtual host additional to the doc? If so it should be part of the docs too.
I think a virtualhost isn’t needed, the correct url should be like
https://yourserver.domain.org/git/ipsets
Thanks again, this works fine,
I tried before, but I have forgotten /ipsets.
Something else is wrong at the documentation, the cron job only works with the full path to update-ipsets.
cat << EOF >> /etc/cron.d/update-ipsets
*/19 * * * * root /usr/sbin/update-ipsets
EOF
I’ll do a pull request for it.
No real, I got some update errors Can't update blacklist repository: fetch failed
I repeated the steps
# yum autoremove nethserver-blacklist
--> Running transaction check
---> Package nethserver-blacklist.noarch 0:1.2.5-1.ns7 will be erased
--> Finished Dependency Resolution
--> Finding unneeded leftover dependencies
---> Marking git224 to be removed - no longer needed by nethserver-blacklist
---> Marking pihole-ftl to be removed - no longer needed by nethserver-blacklist
---> Marking git224-perl-Git to be removed - no longer needed by git224
---> Marking libsecret to be removed - no longer needed by git224
---> Marking git224-core-doc to be removed - no longer needed by git224
---> Marking perl-Error to be removed - no longer needed by git224-perl-Git
Found and removing 6 unneeded dependencies
--> Running transaction check
---> Package git224.x86_64 0:2.24.4-1.el7.ius will be erased
---> Package git224-core-doc.noarch 0:2.24.4-1.el7.ius will be erased
---> Package git224-perl-Git.noarch 0:2.24.4-1.el7.ius will be erased
---> Package libsecret.x86_64 0:0.18.6-1.el7 will be erased
---> Package perl-Error.noarch 1:0.17020-2.el7 will be erased
---> Package pihole-ftl.x86_64 0:5.0-3.ns7 will be erased
--> Finished Dependency Resolution
# rm -rf /usr/share/nethserver-blacklist/
# yum install nethserver-blacklist
--> Processing Conflict: git224-core-2.24.4-1.el7.ius.x86_64 conflicts git-core < 2.24.4-1.el7.ius
# yum remove git
No Match for argument: git
No Packages marked for removal
Now there is a paroxical situation
I can no longer install Thrad shield because of a git conflict
But I also can not remove Git anymore
Additionally, I removed git224-core.
Now I can reinstall thread shield