Skip to content

L
libloc
Switch branch/tag
  1. 20 Nov, 2021 1 commit
  3. 02 Nov, 2021 2 commits
    • Peter Müller's avatar
      location-importer.in: Add Spamhaus DROP lists · 69b3d894
      Peter Müller authored 
      A while ago, it was discussed whether or not libloc should become an
"opinionated database", i. e. including any information on a network's
reputation.

In general, this idea was dismissed as libloc is neither intended nor
suitable for such tasks, and we do not want to make (political?)
decisions like these for various reasons. All we do is to provide a
useful location database in a neutral way, and leave it up to our users
on how to react on certain results.

However, there is a problematic area. Take AS55303 as an example: We
_know_ this is to be a dirty network, tampering with RIR data and
hijacking IP space, and strongly recommend against processing any
connection originating from or directed to it.

Since it appears to be loaded with proxies used by miscreants for
abusive purposes, all we can do at the time of writing is to flag it
as "anonymous proxy", but we lack possibility of telling our users
something like "this is not a safe area". The very same goes for known
bulletproof ISPs, IP hijackers, and so forth.

This patch therefore suggests to populate the "is_drop" flag introduced
in libloc 0.9.8 (albeit currently unused in production) with the
contents of Spamhaus' DROP lists (https://www.spamhaus.org/drop/), to
have at least the baddest of the bad covered. The very same lists are,
in fact, included in popular IPS rulesets as well - a decent amount of
IPFire users is therefore likely to have them already enabled, but in a
very costly way.

It is not planned to go further, partly because there is no other feed
publicly available, which would come with the same intention,
volatility, and FP rate.

The third version of this patch makes use of an auxiliary function to
sanitise ASNs, hence avoiding boilerplate code, and treats any line
starting with a semicolon as a comment, which should be sufficient.
Further, extracting ASNs from the ASN-DROP feed is done in a more clear
way, avoiding code snippets hard to read.
Signed-off-by: default avatarPeter Müller <peter.mueller@ipfire.org>
Signed-off-by: default avatarMichael Tremer <michael.tremer@ipfire.org>
      69b3d894
    • Peter Müller's avatar
      location-importer: Introduce auxiliary function to sanitise ASNs · 43fe570c
      Peter Müller authored 
      The third version of this patch does this in an even more Pythonic way.
Signed-off-by: default avatarPeter Müller <peter.mueller@ipfire.org>
Signed-off-by: default avatarMichael Tremer <michael.tremer@ipfire.org>
      43fe570c
  5. 25 Oct, 2021 1 commit
  7. 11 Oct, 2021 1 commit
  9. 30 Sep, 2021 13 commits
  11. 23 Sep, 2021 1 commit
  13. 21 Sep, 2021 1 commit
  15. 04 Sep, 2021 1 commit
  17. 02 Sep, 2021 3 commits
  19. 11 Aug, 2021 1 commit
  21. 20 Jul, 2021 1 commit
  23. 14 Jul, 2021 1 commit
    • Valters Jansons's avatar
      debian: Clean up 0.9.7 changelog · 10d357f8
      Valters Jansons authored 
      - Update for maintainer name and email address, as to reflect who
  actually prepared this release of the package. It was not me,
  but I was selected due to having the first commit on the package.

  To mitigate against this, when running the `debchange --release`
  (`dch -r`) command, environment variables DEBFULLNAME and DEBEMAIL
  should be configured properly for the current user.

- Removal of NMU comment on my name, as I am not really doing a
  non-maintainer upload. I would say the 'NMU' message is fairly
  useless on this repository, as it is self-maintained here.
Signed-off-by: default avatarValters Jansons <valter.jansons@gmail.com>
Signed-off-by: default avatarMichael Tremer <michael.tremer@ipfire.org>
      10d357f8
  25. 11 Jul, 2021 6 commits
  27. 09 Jul, 2021 2 commits
  29. 20 Jun, 2021 2 commits
  31. 11 Jun, 2021 1 commit
    • Valters Jansons's avatar
      debian: Add dpkg's symbols file · 87779e52
      Valters Jansons authored 
      There are muiltiple standards of listing symbols throughout the Linux
ecosystem. For `dpkg`, a d/package.symbols file tracks symbols, and in
which version they were added in. This is then used to allow dependency
checks/resolution.

See man:dpkg-gensymbols(1) for details about the generation,
and man:dpkg-shlibdeps(1) for how the symbols file ends up being used.

This commit adds a d/libloc1.symbols file, containing the current state
of the symbols. There is now also a d/gensymbols.sh script, which
generates this symbols file. The script tries to determine what Git
tags need to be checked for changes in symbols, by looking at current
maximum version referenced in symbols file.

After checking tags, the current revision is also processed, to allow
building symbols file for a yet unreleased version (prior to tagging it).
This is to allow symbols changes to be included in a tag.

Do keep in mind, that for the workflow above, when running the script,
the d/changelog file should contain information about what version the
current revision will be released at (potentially tagged as UNRELEASED
in the d/changelog file). Otherwise, if there is no version tagged,
the `dpkg-gensymbols` tool will use the old version information,
in turn incorrectly attributing new symbols to an old version.
Signed-off-by: default avatarMichael Tremer <michael.tremer@ipfire.org>
      87779e52
  33. 10 Jun, 2021 2 commits
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7