Open yebo29 opened 6 years ago
👍
+1 to this.
Let's see:
# echo "192.30.253.112" | iprange - --compare-next *.{ip,net}set | grep -v ",0$"
stdin,ib_malc0de.netset,1,195,1,198,198,1
stdin,iblocklist_malc0de.netset,1,195,1,198,198,1
stdin,firehol_level4.netset,1,81999,1,9341645,9341645,1
stdin,firehol_level3.netset,1,26111,1,53756,53756,1
stdin,vxvault.ipset,1,73,1,73,73,1
stdin,cleanmx_viruses.ipset,1,12190,1,12190,12190,1
So, it is included in firehol_level3
because of vxvault
and firehol_level4
because of cleanmx_viruses
.
I am afraid I can only remove those lists entirely from the firehol lists. I don't control vxvault
and cleanmx_viruses
and I can't filter out anything (I never alter lists, even when merging them).
So, I think the only solution is to remove them. Do you agree?
btw, the fact that cleanmx_viruses
and vxvault
list this IP, means that probably github faces a malware/virus issue...
Sounds reasonable.. so what would be the proper fix/thing to do in this case? I guess leave my pfblocker to deny_inbound for now? Thanks!
This is still kind of happening - github CDN seems to be blocked on level3. It's a little on and off but CSS is blocked 80% of the time and images are blocked all the time.
I set my firewall to deny_inbound for the time being.
For file firehol_level3.netset github is being blocked on our network (192.30.253.112). Had to set that rule to deny_inbound only. Was this on purpose? Whois for the above IP indeed belongs to github.