From patchwork Wed Sep 13 10:50:33 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ayush Tomar <ayush.tomar@ellio.tech>
X-Patchwork-Id: 7170
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Rly0n6j4Sz3wnC
	for <patchwork@web04.haj.ipfire.org>; Wed, 13 Sep 2023 10:50:49 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4Rly0m4YgLzkb;
	Wed, 13 Sep 2023 10:50:48 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Rly0m41Vjz2ydx;
	Wed, 13 Sep 2023 10:50:48 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384)
 client-signature ECDSA (P-384))
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Rly0k6ThSz2xLq
 for <development@lists.ipfire.org>; Wed, 13 Sep 2023 10:50:46 +0000 (UTC)
Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com
 [IPv6:2a00:1450:4864:20::12f])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
 by mail01.ipfire.org (Postfix) with ESMTPS id 4Rly0k0QT2zM6
 for <development@lists.ipfire.org>; Wed, 13 Sep 2023 10:50:46 +0000 (UTC)
Authentication-Results: mail01.ipfire.org;
 dkim=pass header.d=ellio.tech header.s=google header.b=WPw7AKO4;
 spf=pass (mail01.ipfire.org: domain of ayush.tomar@ellio.tech designates
 2a00:1450:4864:20::12f as permitted sender)
 smtp.mailfrom=ayush.tomar@ellio.tech;
 dmarc=pass (policy=none) header.from=ellio.tech
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=lists.ipfire.org;
 s=202003rsa; t=1694602246;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:dkim-signature;
 bh=pnS3sbLwMrXomG8YHzLX1vr0iCDXmruddQokQPhI+6U=;
 b=N5h6r2xmlkpvnLNHYY832QIMElLFW63c6VByOy4LbTYXEftnc1IcWvPCIZPDBvpnXXao/n
 toa4zOrBpF2KcI3tTmXz5oV2PHooLKMI4bD7eYbIyWEVx5ZlcU9CCpD/1QYp9yplW0PnyX
 RgzcJTjW0Bjm9XWCow003lF0iXa7ox6hJPjFg8EiPXHS7ZwsZ9kod7MmzyW1JovPHoh6QH
 qjyewC85XDvepJzU3C02xnyJpjWAUtm/kUvRfrmUWikgpYs/rcI53V20WHd1DO9Tm8QO/Q
 sBq6sYUUzhsebZArxYw0Dy42jcwY6QmYddjNjQxe49JCGLGcRF8gKrxfQ24Bag==
ARC-Authentication-Results: i=1; mail01.ipfire.org;
 dkim=pass header.d=ellio.tech header.s=google header.b=WPw7AKO4;
 spf=pass (mail01.ipfire.org: domain of ayush.tomar@ellio.tech designates
 2a00:1450:4864:20::12f as permitted sender)
 smtp.mailfrom=ayush.tomar@ellio.tech;
 dmarc=pass (policy=none) header.from=ellio.tech
ARC-Seal: i=1; s=202003rsa; d=lists.ipfire.org; t=1694602246; a=rsa-sha256;
 cv=none;
 b=S8OUzHA0Ye55jssqKLPoKj2UGbYu5+Ceae7HMe+MRXTTJh9kOzl1SCOiaIpAqI8kzNpD2f
 4dvdMIe3fMMPl117742Fw/+FNeZBu9p2E5ad6uBDePVtY0OaFS19DXAh3RzSZAsv/2DSpk
 m9jVnxwgBkFM7P5sJhTiuGVA5RUlO5cQPTgIy4txnih4JE98Siyppg5CHlGxt/iM8reZxJ
 4+YcP+TEjpaxLu6d501BhL+fMzjO8/Ftnm++hxs/TVbop0RsJmu2oYAMypNHxJOEieVCcJ
 hKsGdaeep4CnpZrKKuC9OBlAmdIHDtuL8SaOmn4MbcIpcL+XljuSR0/OJ3sv/A==
Received: by mail-lf1-x12f.google.com with SMTP id
 2adb3069b0e04-502a4f33440so7870364e87.1
 for <development@lists.ipfire.org>; Wed, 13 Sep 2023 03:50:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=ellio.tech; s=google; t=1694602244; x=1695207044; darn=lists.ipfire.org;
 h=to:date:message-id:subject:mime-version:content-transfer-encoding
 :from:from:to:cc:subject:date:message-id:reply-to;
 bh=pnS3sbLwMrXomG8YHzLX1vr0iCDXmruddQokQPhI+6U=;
 b=WPw7AKO4ks4PWGoPEzKQnNQg4g6xEhYi/k0/7wx71FyXOKh3MMXZ0087dNfmYPiaI0
 swxbzZ19Ozqyv/WPpdMoC4+W37khtSLT7dtIiumz9JvgSznM675NGC9Nu+qZU5jxd4xm
 8+Zy1q6EY/6+BF/lhbRxQ5UEBfAfl5aEOZgjNXMFlNjNR6y2NC5U19Sb6PVhTir4hdnn
 I8O2cXPt9u/6gHDAwsPqcHZFXAkLLwBu15XtnJIFowJe4UyECdccfX58ZXJSdSa7GoX3
 we8dJTEmV2yLsmPWRmT9hDKK0gH5KTWQabhxq2oaIOmIbOlYiQUUDXchz8NnAg+izehl
 HOOA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1694602245; x=1695207045;
 h=to:date:message-id:subject:mime-version:content-transfer-encoding
 :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=pnS3sbLwMrXomG8YHzLX1vr0iCDXmruddQokQPhI+6U=;
 b=QLRkxKHTXOy9o+t+RLou9qmPzDFwBJKi6IAb1e+gnc4VPPzU0pquHojTOA/9IxAIWF
 whmaC/kebx7WNiAj7lBRwCil3g8RLF0VWVfc2znruL0abrZPKPWU6VFfeWzGGxK0+0iN
 LCXKv/uu5bGXnXbbwdB5cj95qQKBygr02kh5Rr/LnffI9NsnwqBGykyyPrCNAyynDoqZ
 1Hs2SJ3J5l8sQwfymoxa1mwX0wZaPjmHOVQotdtBJ75/R20NFHbYkivBf5MvdXgoD+SE
 vPDkg6/Js7WJwt3aHxWATLEIBC/5j+zNd6NoH8qpZSKGzzlNDQ5MOrA+xr4zK9IGSUl9
 O2LQ==
X-Gm-Message-State: AOJu0YwV8nbt373+IY31vKSsmtd5W6bfyJcIoCZnEC2hAPgImmL73Sqb
 mNhrinE0AZF2SLh1lX8DJZLJEYsTwXwFnaYNd8lxUw==
X-Google-Smtp-Source: 
 AGHT+IERYEEcH3Mi08A6oxOVaqtkpzo0Bvz+HFA50K9rtkvQ9Gf/Xs9VD1PcShcTb+V8himcd6LdnA==
X-Received: by 2002:ac2:5490:0:b0:500:c348:7efb with SMTP id
 t16-20020ac25490000000b00500c3487efbmr1702199lfk.48.1694602244464;
 Wed, 13 Sep 2023 03:50:44 -0700 (PDT)
Received: from smtpclient.apple ([82.119.242.218])
 by smtp.gmail.com with ESMTPSA id
 gs17-20020a1709072d1100b009ad850d4760sm2450438ejc.219.2023.09.13.03.50.44
 for <development@lists.ipfire.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 13 Sep 2023 03:50:44 -0700 (PDT)
From: Ayush Tomar <ayush.tomar@ellio.tech>
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
Subject: [PATCH] Add Ellio Community feed to ipblocklist/sources
Message-Id: <1EC28A5A-B15E-4687-A36E-4145177C6358@ellio.tech>
Date: Wed, 13 Sep 2023 12:50:33 +0200
To: development@lists.ipfire.org
X-Mailer: Apple Mail (2.3731.600.7)
X-Rspamd-Server: mail01.haj.ipfire.org
X-Rspamd-Queue-Id: 4Rly0k0QT2zM6
X-Spamd-Result: default: False [-5.36 / 11.00]; BAYES_HAM(-2.95)[99.77%];
 NEURAL_HAM(-0.99)[-0.988];
 DMARC_POLICY_ALLOW(-0.50)[ellio.tech,none];
 IP_REPUTATION_HAM(-0.42)[asn: 15169(-0.18), country: US(-0.01), ip:
 2a00:1450:4864:20::(-0.23)];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
 R_DKIM_ALLOW(-0.20)[ellio.tech:s=google];
 MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[];
 FUZZY_BLOCKED(0.00)[rspamd.com]; MIME_TRACE(0.00)[0:+];
 RCPT_COUNT_ONE(0.00)[1]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 ARC_NA(0.00)[]; RCVD_TLS_LAST(0.00)[]; FROM_HAS_DN(0.00)[];
 DKIM_TRACE(0.00)[ellio.tech:+];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2];
 FROM_EQ_ENVFROM(0.00)[];
 ARC_SIGNED(0.00)[lists.ipfire.org:s=202003rsa:i=1];
 PREVIOUSLY_DELIVERED(0.00)[development@lists.ipfire.org];
 APPLE_MAILER_COMMON(0.00)[]; MID_RHS_MATCH_FROM(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[]; DKIM_REPUTATION(0.00)[0];
 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::12f:from]
X-Rspamd-Action: no action
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

From 13c58a87843a73df34d370edc7c505eb6b6c60f3 Mon Sep 17 00:00:00 2001
From: Ayush Tomar <ayush.tomar@ellio.tech>
Date: Wed, 13 Sep 2023 11:32:43 +0200
Subject: [PATCH] Add Ellio Community feed to ipblocklist/sources
---
 config/ipblocklist/sources | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources
index be0cf0229..26699ff56 100644
--- a/config/ipblocklist/sources
+++ b/config/ipblocklist/sources
@@ -67,6 +67,12 @@ our %sources = ( 'EMERGING_FWRULE' => { 'name'     => 'Emerging Threats Blocklis
                                     'parser'   => 'dshield',
                                     'rate'     => '1h',
                                     'category' => 'attacker' },
+            'ELLIO_TECH'         => {'name'     => 'ELLIO: IP Feed (Community version)',
+                                    'url'      => 'https://cdn.ellio.tech/community-feed',
+                                    'info'     => 'https://ellio.tech',
+                                    'parser'   => 'ip-or-net-list',
+                                    'rate'     => '24h',
+                                    'category' => 'attacker' },
              'FEODO_RECOMMENDED'=> {'name'     => 'Feodo Trojan IP Blocklist (Recommended)',
                                     'url'      => 'https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt',
                                     'info'     => 'https://feodotracker.abuse.ch/blocklist',