From 28509909126a84f5aa34ddeae380459646ed0a19 Mon Sep 17 00:00:00 2001 From: Alex 'AdUser' Z Date: Mon, 18 Jan 2021 22:38:36 +1000 Subject: [PATCH] * clean docs & debian scripts --- configs/conf-available/05-source-mcast.conf | 6 ------ configs/conf-available/10-backend-mcast.conf | 4 ---- debian/f2b.install | 3 --- debian/rules | 1 - docs/configuration.md | 20 +------------------- 5 files changed, 1 insertion(+), 33 deletions(-) delete mode 100644 configs/conf-available/05-source-mcast.conf delete mode 100644 configs/conf-available/10-backend-mcast.conf diff --git a/configs/conf-available/05-source-mcast.conf b/configs/conf-available/05-source-mcast.conf deleted file mode 100644 index 83aba27..0000000 --- a/configs/conf-available/05-source-mcast.conf +++ /dev/null @@ -1,6 +0,0 @@ -[source:mcast] -load = source_mcast.so -; group = 239.255.186.1 -; port = 3370 -; bind = 0.0.0.0 -; iface = eth0 diff --git a/configs/conf-available/10-backend-mcast.conf b/configs/conf-available/10-backend-mcast.conf deleted file mode 100644 index 6accae1..0000000 --- a/configs/conf-available/10-backend-mcast.conf +++ /dev/null @@ -1,4 +0,0 @@ -[backend:mcast] -load = backend_mcast.so -; group = 239.255.186.1 -; port = 3370 diff --git a/debian/f2b.install b/debian/f2b.install index 1a0e0cc..375ad35 100644 --- a/debian/f2b.install +++ b/debian/f2b.install @@ -1,8 +1,6 @@ etc/f2b/conf-available/*-source-files.conf -etc/f2b/conf-available/*-source-mcast.conf etc/f2b/conf-available/*-source-portknock.conf etc/f2b/conf-available/*-filter-preg.conf -etc/f2b/conf-available/*-backend-mcast.conf etc/f2b/conf-available/*-backend-exec-*.conf etc/f2b/conf-enabled etc/f2b/f2b.conf @@ -11,7 +9,6 @@ usr/bin/f2bc usr/sbin/f2b usr/share/f2b usr/lib/*/f2b/source_files.so -usr/lib/*/f2b/source_mcast.so usr/lib/*/f2b/source_portknock.so usr/lib/*/f2b/filter_preg.so usr/lib/*/f2b/backend_exec.so diff --git a/debian/rules b/debian/rules index 4b720f2..7d5f77f 100755 --- a/debian/rules +++ b/debian/rules @@ -20,6 +20,5 @@ override_dh_auto_configure: dh_auto_configure -- \ -DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH) \ -DWITH_REDIS=ON \ - -DWITH_MCAST=ON \ -DWITH_IPSET=ON \ -DWITH_HARDENING=ON diff --git a/docs/configuration.md b/docs/configuration.md index e7d62d7..58a30f5 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -76,13 +76,6 @@ portknock Address is optional, eg "23" and "0.0.0.0:23" is the same. For ipv6 address use square brackets like this: "[fe80::fe14:a87c]:23". -mcast -: Init string is name of group in multicast messages. Options are: - * group -- address of multicast group. Should be in net 239.255.0.0/16 - * address -- bind address for socket (default: 0.0.0.0) - * port -- destination port for multicast messages (default: 3370, don't change unless you know what you doing) - * iface -- sets default interface for multicast messages (use system settings if not set) - Filter-modules -------------- @@ -120,12 +113,6 @@ redis : Init string is name of pubsub channel on redis server (will be prefixed with "f2b-") Options almost the same as source/redis. 'ping' option - for keeping connection alive (see PING redis command) -mcast -: Init string is name of group in multicast messages. Options are: - * group -- address of multicast group. Should be in net 239.255.0.0/16 - * port -- destination port for multicast messages (default: 3370, don't change unless you know what you doing) - * iface -- sets default interface for multicast messages (use system settings if not set) - Teamwork ======== @@ -151,7 +138,7 @@ Now let's change the workflow: * `jail:actor/matches` decides should we ban this ip or not * `jail:actor/backend` bans/releases given IPs -For now supported `blackbox` types is `multicast group` and `redis database`. +For now supported `blackbox` type is `redis database`. Various jail types may be combined and omitted. Some possible variants: @@ -160,11 +147,6 @@ Various jail types may be combined and omitted. Some possible variants: jail:sensor2 --> [ REDIS ] <-- jail:sensor4 jail:actor1 <-- [ DB ] --> jail:actor2 - [ HOST1 ] [ HOST2 ] - jail:actor1 <-- [ MCAST ] --> jail:actor2 - jail:empty --> [ GROUP ] <-- jail:sensor1 - ^-- user@f2bc - Now let's see real configs. This is modified sample from section `General notes`. [source:redis]