Updated documentation and increased version number to reflect the ip …

…ranges and cidr support.

ChangeLog

@@ -1,6 +1,21 @@
 Changes Log
 ==========================================================================
 
+Version 1.0 - Date 06/11/2018
+
+  * Support for ip ranges (CIDR) on the ignore.ip.list thanks to
+    safly (https://github.com/safly)
+  * grepcidr install requirement introduced with the support for CIDR
+  * New syntax supported on ignore.ip.list
+       a.b.c.d/xy        (CIDR format)
+       a.b.c.d-e.f.g.h   (IP range)
+    For more details read the grepcidr man page.
+  * Fixed bug $CONF not found thanks to
+    WoozyMasta (https://github.com/WoozyMasta)
+  * Added unban flag -u --unban
+  * Added logrotate configuration file to uninstall script.
+  * Prioritize systemd detection on install script.
+
 Version 0.9 - Date 05/03/2017
 
   * Support for freebsd and many other improvements thanks to

README.md

@@ -20,13 +20,13 @@ netstat -an | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
 
 IP addresses with over a pre-configured number of connections are
 automatically blocked in the server's firewall, which can be direct
-ipfw, iptables, or Advanced Policy Firewall (APF). (We highly recommend that
-you use APF on your server in general, but deflate will work without it.)
+ipfw, iptables, or Advanced Policy Firewall (APF).
 
 ### Notable Features
 
 * It is possible to whitelist IP addresses, via /etc/ddos/ignore.ip.list.
 * It is possible to whitelist hostnames, via /etc/ddos/ignore.host.list.
+* IP ranges and CIDR syntax is supported on /etc/ddos/ignore.ip.list
 * Simple configuration file: /etc/ddos/ddos.conf
 * IP addresses are automatically unblocked after a preconfigured time limit (default: 600 seconds)
 * The script can run as a cron job at chosen frequency via the configuration file (default: 1 minute)
@@ -85,6 +85,8 @@ On this file you can add a list of ip addresses to be whitelisted, for
 example:
 
 > 12.43.63.13 <br />
+> 165.123.34.43-165.123.34.100 <br />
+> 192.168.1.0/24 <br />
 > 129.134.131.2
 
 **/etc/ddos/ddos.conf**

man/ddos.1

@@ -37,8 +37,7 @@ and easiest to install solutions at the software level.
 .PP
 IP addresses with over a pre-configured number of connections are
 automatically blocked in the server's firewall, which can be direct
-ipfw, iptables, or Advanced Policy Firewall (APF). (We highly recommend that
-you use APF on your server in general, but deflate will work without it.)
+ipfw, iptables, or Advanced Policy Firewall (APF).
 
 .SH OPTIONS
 
@@ -78,12 +77,27 @@ block ip's making \fINUMBER_OF_CONNECTIONS\fR or more
 .PP
 It is possible to whitelist IP addresses by adding a
 .B new-line
-separated list of ip's to /etc/ddos/ignore.ip.list
+separated list of ip's to /etc/ddos/ignore.ip.list,
+you can use IP range syntax and CIDR syntax, for example:
+
+.RS 4
+192.168.1.0/24           (CIDR format)
+.br
+24.12.34.1-24.12.34.30   (IP range)
+.br
+192.168.1.156            (Single IP)
+.RE
 
 .PP
 It is also possible to whitelist hostnames by adding a
 .B new-line
-separated list of hosts to /etc/ddos/ignore.host.list
+separated list of hosts to /etc/ddos/ignore.host.list, for example:
+
+.RS 4
+googlebot.com
+.br
+dynamic-ip.somehost.com
+.RE
 
 .SH SETTINGS
 You can modify the script settings by editing /etc/ddos/ddos.conf

src/ddos.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 ##############################################################################
-# DDoS-Deflate version 0.9 Author: Zaf <[email protected]>                        #
+# DDoS-Deflate version 1.0 Author: Zaf <[email protected]>                        #
 ##############################################################################
 # Contributors:                                                              #
 # Jefferson González <[email protected]>                                      #
@@ -33,7 +33,7 @@ load_conf()
 
 head()
 {
-    echo "DDoS-Deflate version 0.9"
+    echo "DDoS-Deflate version 1.0"
     echo "Copyright (C) 2005, Zaf <[email protected]>"
     echo
 }