X-Git-Url: http://dxcluster.net/gitweb/gitweb.cgi?a=blobdiff_plain;f=Changes;h=59ba86d60aa432acfe9aaf9b9e56f79b0a49a7bc;hb=6265d260cdd7c96e29aeb5b7b8fb4ea4d5326cff;hp=ab75b6b124b4126ca6c8277a109cd4a8d5160a9f;hpb=fb14276aab794a877986dbc397ede66ea563c7fb;p=spider.git diff --git a/Changes b/Changes index ab75b6b1..59ba86d6 100644 --- a/Changes +++ b/Changes @@ -1,8 +1,51 @@ +11Jan23======================================================================= +1. Improve (?) the PC11 -> PC61 upgrading process that delays incoming PC11s + for a very short time in the hope that a PC61 will come in to be used + instead. It will also upgrade a PC11 if we have an uptodate IP address + that has come in from the routing system PC92s. do a 'set/debug pc11' to + see it in action. +2. I have chosen a definitive list of TOR exits and relays which can be + downloaded from http://www.dxspider.net/download/badip.torexit, + http://www.dxspider.net/download/badip.torrelay and finally, for those IP + addresses that are deemed to be 'bad': + http://www.dxspider.net/download/badip.global. I have added the following + lines to my /spider/local_cmd/crontab: + +24 * * * * spawn('cd /spider/local_data; wget http://www.dxspider.net/download/badip.torexit') +24 * * * * spawn('cd /spider/local_data; wget http://www.dxspider.net/download/badip.torrelay') +24 * * * * spawn('cd /spider/local_data; wget http://www.dxspider.net/download/badip.global') +25 * * * * run_cmd('load/badip') + + The tor files are downloaded from https://lists.fissionrelays.net/tor/ at + 23 minutes pass every hour, please would you use some other minute than + 23 or 24 to get your own local copies. + + A 'set/debug badip' will show you what is being blocked. +10Jan23======================================================================= +1. Add baddx on incoming callsign in RBN. +2. Search for all /spider/local_data/badip.* files to allow more control on + which IP addresses are detected. e.g. badip.torexit, badip.torrelay as well + as baddx.local. The suffixes, apart from .local (created by set/badip) are + completely arbitrary. You can use whichever suffix name you like. This is + a more useful arrangement for the ever increasing sources of "bad ip + addresses" that we need to deter. + + NOTE: all badip. are read only EXCEPT badip.local (which can be + altered in real time by the sysop using set/badip ...). + If one uses periodic crontab jobs to update any other badip. + files from web resources then don't forget to 'load/badip' afterwards. +3. Add a /spider/data/baddx.issue file which can be copied to (or used as a + basis to create) /spider/local_data/baddx 09Jan23======================================================================= 1. Finish implemention of DXCIDR ip address filtering. This works on both logins (treated the same as locked out - i.e. just disconnected) and also with PC61s where these sentences are just dropped. Also attempt to prevent any *following* PC11s with the same data getting through. + + YOU WILL NEED either 'cpanm Net::CIDR::Lite' or debian/ubuntu based distros + 'apt install libnet-cidr-lite-perl'. RedHat based systems will have similar + packages available. + 2. Recognise PC18s coming from CC Clusters more nicely. 04Jan23======================================================================= 1. Fillout DXCIDR, attach checks in PC61 and logins. Login that fail will