-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathTODO
20 lines (20 loc) · 1.1 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
* Add support for block_script
* Add SQLite support in hawk.pl, hawk-unblock.sh, install_hawk.sh and hawk_config.sh
* Convert the whitelist checks from hash to Net::Patricia, so we can support IPs and prefixes
* Support accouting per /24 prefixes, not only single IPs
* Create sigHup handler to reload the config
- reopen logfile
- rewrite the pidfile
- reload the whitelist
- clean the attackers hash
* setup_iptables.sh should
- detect if the system supports iptables comments and if so, update the configuration file
- check if the INPUT policy is DROP/REJECT or it is ACCEPT and the last rule is REJECT, and add our chain according to that info
- support ipset (creation of the ipset, adding the rule, setting up the configuration file setting)
- handle firewalld, ufw and csf
* detect the distribution using /etc/os-release in make_rpm.sh
* In do_block()
- fix the regex to actually verify the block_list
- update the print to store the actual command, not this hardcoded iptables
* Add support for Redis instead of SQL
* Logrotate configuration for hawk.log (if logrotate is detected on the machine)