ilikenwf / pg2ipset Goto Github PK

Hey there,

I just noticed the following in my logs:

ipt_ULOG: ULOG is deprecated and it will be removed soon, use NFLOG instead

It would be a good idea to support either only NFLOG (might kill some backwards compatibility) or support both, and while at it also allow to disable logging.

Hello,

How could someone use the ipset-update script at the same time with his own iptables rules? I have already a set of rules which deny all access except for a few ports and the pg2ipset match-set rules are added after them, so I suppose that the top port exception terminates the match.

# countries to block, must be lcase COUNTRIES=(af ae ir iq tr cn sa sy ru ua hk id kz kw ly)

It's an exceptionally mean feat to classify 2.057 billion (and counting) people as evil subhumans worth eradicating, and we'd like to honor you with a Lifetime Award of Hatred towards your fellow human beings on this planet Earth of ours.

Well done, Mein Herr, the simple size of your Final Solution is the boldest one yet not just attempted, but actually put into production.

I've been digging around and I cannot figure out how to whitelist a range. I can exclude the list (Bogon) that includes my required range, but that's not something I really want to do.

Hello,

First off, thanks for your great work. This is really very useful :)

I find that everything works great, except for the FORWARDING iptables rules. E.g.:

When I ping a blacklisted IP from inside the server it is blocked
When connected to the server as a VPN I can ping the blacklisted IP just fine

I've tried to debug this on my own but would love your opinion.

Thanks!