firehol
firehol copied to clipboard
firehol
A firewall for humans...
There seems to be a mismatch between the command that Firehol tries to run and the way that IPtables interprets the command. ``` ERROR : # 1. WHAT : A...
Removing the DShield Top 1000 lists. It is not suitable to be used as a blocklist and has been discontinued. See https://dshield.org/api/sources/attacks/1000/
There's no option in `update-ipsets` to disable a previously-enabled ipset. Looking at the code [here](https://github.com/firehol/firehol/blob/b4ff6ba4eb5594213c86d6c627e5287f350f4567/sbin/update-ipsets#L615) shows that the existence of a `.source` file in `/etc/firehol/ipsets` is how the script determines...
When trying to use TARPIT in an INPUT directive, the automatic symmetry of firehol causes iptables to error out. Example config: ``` interface eth0 world server ssh tarpit ``` Error:...
In my `firehol.conf` (line 47), I have: `server "$tarpit_servers" tarpit` When I do `firehol nofast try` I get errors such as: ```FireHOL: Activating new firewall (394 rules)... -------------------------------------------------------------------------------- ERROR :...
Hi My scenario is to redirect port 8080, 8090, 9000 to port 80 through tproxy, and apply synproxy on port 8080, 8090, 9000.
Is there some way to replace the `interface e+` statement below with some sort of `interface not "[devices...]"` syntax, maybe in a future FireHOL version if it's not supported today?...
https://firehol.org/firehol-manual/firehol-version suggests that the `version` command is versioning either or both of 1. the configuration file or 2. which version of Internet Protocol is supported. Which is it? Seems more...
When using the firehol list (https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset) in pfblockerNG I realized, that in contains 40.114.177.156, which is used from duckduckgo as one of many ip addresses. Depending on the DNS resolution,...
