X-Git-Url: http://gb7djk.dxcluster.net/gitweb/gitweb.cgi?a=blobdiff_plain;f=Changes;h=3a74ec81250b5842056743200fda9cc6282572c4;hb=b8c9c3d07fcf1229a9da44b5b11fc94dccd8d05c;hp=12216135525d40b7d8dd8dd5044d5b5d7b039944;hpb=3b87cb901b1aa6604814d3f585561a404603f43f;p=spider.git diff --git a/Changes b/Changes index 12216135..3a74ec81 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,56 @@ +12Jan23======================================================================= +1. Regularise 'set/debug pc11' output to track all the routes through PC11 and + PC61 processing and statistics. +11Jan23======================================================================= +1. Improve (?) the PC11 -> PC61 upgrading process that delays incoming PC11s + for a very short time in the hope that a PC61 will come in to be used + instead. It will also upgrade a PC11 if we have an uptodate IP address + that has come in from the routing system PC92s. do a 'set/debug pc11' to + see it in action. +2. I have chosen a definitive list of TOR exits and relays which can be + downloaded from http://www.dxspider.net/download/badip.torexit, + http://www.dxspider.net/download/badip.torrelay and finally, for those IP + addresses that are deemed to be 'bad': + http://www.dxspider.net/download/badip.global. I have added the following + lines to my /spider/local_cmd/crontab: + +24 * * * * spawn('cd /spider/local_data; wget http://www.dxspider.net/download/badip.torexit') +24 * * * * spawn('cd /spider/local_data; wget http://www.dxspider.net/download/badip.torrelay') +24 * * * * spawn('cd /spider/local_data; wget http://www.dxspider.net/download/badip.global') +25 * * * * run_cmd('load/badip') + + The tor files are downloaded from https://lists.fissionrelays.net/tor/ at + 15 minutes past every hour, please would you use some other minute than + 23 or 24 to get your own local copies. + + A 'set/debug badip' will show you what is being blocked. +3. Fix set/badip so that it appends new IP addresses correctly. +10Jan23======================================================================= +1. Add baddx on incoming callsign in RBN. +2. Search for all /spider/local_data/badip.* files to allow more control on + which IP addresses are detected. e.g. badip.torexit, badip.torrelay as well + as baddx.local. The suffixes, apart from .local (created by set/badip) are + completely arbitrary. You can use whichever suffix name you like. This is + a more useful arrangement for the ever increasing sources of "bad ip + addresses" that we need to deter. + + NOTE: all badip. are read only EXCEPT badip.local (which can be + altered in real time by the sysop using set/badip ...). + If one uses periodic crontab jobs to update any other badip. + files from web resources then don't forget to 'load/badip' afterwards. +3. Add a /spider/data/baddx.issue file which can be copied to (or used as a + basis to create) /spider/local_data/baddx +09Jan23======================================================================= +1. Finish implemention of DXCIDR ip address filtering. This works on both + logins (treated the same as locked out - i.e. just disconnected) and also + with PC61s where these sentences are just dropped. Also attempt to prevent + any *following* PC11s with the same data getting through. + + YOU WILL NEED either 'cpanm Net::CIDR::Lite' or debian/ubuntu based distros + 'apt install libnet-cidr-lite-perl'. RedHat based systems will have similar + packages available. + +2. Recognise PC18s coming from CC Clusters more nicely. 04Jan23======================================================================= 1. Fillout DXCIDR, attach checks in PC61 and logins. Login that fail will simply disconnect, like locked out callsigns