
[firehol_level1]: give a title please

Open iggiebee opened this issue 1 year ago • 0 comments

Hi, to whom it may concern

While watching my router drop the IPs from a newly downloaded Firehol L3 or L1, I noticed what I think is a bug. What I noticed was that just as the ipset from the Firehol list is picked up by the iptables rule, there is always an almost instantaneous hit. I noticed immediately that in the smooth scrolling of the IPs being dropped, there is a lull, a minute difference in the speed of the scrolling IP list. And after 3 or 5 minutes or so the Firehol list stops getting hits.

So I wondered several times about these changes in the speed of the scrolling IPs being blocked. Using your lists and other popular ones, I noticed that, for the Firehol block lists, the IPs being blocked seem to stop as soon as the ipset becomes available.

So I had a conjecture when I noticed that the lists were sorted: it would be easy for someone to just test the first few lines of IPs and dispatch an alarm to my friends about the particular list, what the IPs are, and what particular block lists to avoid.

So I think spammers and scanners ARE ON TO YOU, and one way of providing a simple remedy is to scramble the order of the IP list for every person or machine that downloads a block list, so that way no one receives an identical list. This can be provided by a set of good computers to easily give a scrambled list for every download. Or break it down into several smaller files.

That's what I have to say, and it could be very possible that this method will only prove to be just a palliative to the problem, but it is better than doing nothing.

Best regards,

Ignacio Bustamante iggiebee

iggiebee Sep 05 '23 20:09