Christmas Holiday

We will be closing our Store, Sales and Helpdesk from 17:30 Wednesday, 23rd December 2020 to 09:00 Monday, 4th January 2021. No orders, support requests or sales emails will be processed between those dates.

If you purchase a license or Service Package before the closing date and require installation, please be sure to leave at least 24 hours before then for the work to be done. Otherwise, any work will be scheduled for after this period.

Custom ipset support

Post Reply
ocahui
Junior Member
Posts: 12
Joined: 02 May 2016, 23:32

Custom ipset support

Post by ocahui »

I have private custom ipset-managed blocklists on my system that get wiped out whenever csf is restarted,because, of course, csf is unaware of them. This poses a management problem.

Is there some way to inform csf of the existence of these ipsets? I am only aware of the support in /etc/csf/csf.blocklists, which is geared entirely to public lists dowloaded from external URLs.

The kind of support I have in mind is a much simpler blocklist scheme, basically consisting of maintaining a list of ipset names that are saved (using ipset save command) before the firewall is restarted and restored (using ipset restore command) after csf is restarted. Perhaps in a different section of csf.blocklists file that would expect a different syntax for the name? (The mechanism I use has different naming convention that conflicts with the csf names.)
Post Reply