From f284444782bf92955160f580e6f1f05b42a961da Mon Sep 17 00:00:00 2001 From: jgmdev Date: Tue, 6 Nov 2018 14:49:40 -0400 Subject: [PATCH] Updated documentation and increased version number to reflect the ip ranges and cidr support. --- ChangeLog | 15 +++++++++++++++ README.md | 6 ++++-- man/ddos.1 | 22 ++++++++++++++++++---- src/ddos.sh | 4 ++-- 4 files changed, 39 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 55978a0..da77a8c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,21 @@ Changes Log ========================================================================== +Version 1.0 - Date 06/11/2018 + + * Support for ip ranges (CIDR) on the ignore.ip.list thanks to + safly (https://github.com/safly) + * grepcidr install requirement introduced with the support for CIDR + * New syntax supported on ignore.ip.list + a.b.c.d/xy (CIDR format) + a.b.c.d-e.f.g.h (IP range) + For more details read the grepcidr man page. + * Fixed bug $CONF not found thanks to + WoozyMasta (https://github.com/WoozyMasta) + * Added unban flag -u --unban + * Added logrotate configuration file to uninstall script. + * Prioritize systemd detection on install script. + Version 0.9 - Date 05/03/2017 * Support for freebsd and many other improvements thanks to diff --git a/README.md b/README.md index 43f78b0..fa3de98 100644 --- a/README.md +++ b/README.md 
@@ -20,13 +20,13 @@ netstat -an | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n IP addresses with over a pre-configured number of connections are automatically blocked in the server's firewall, which can be direct -ipfw, iptables, or Advanced Policy Firewall (APF). (We highly recommend that -you use APF on your server in general, but deflate will work without it.) +ipfw, iptables, or Advanced Policy Firewall (APF). ### Notable Features * It is possible to whitelist IP addresses, via /etc/ddos/ignore.ip.list. * It is possible to whitelist hostnames, via /etc/ddos/ignore.host.list. +* IP ranges and CIDR syntax is supported on /etc/ddos/ignore.ip.list * Simple configuration file: /etc/ddos/ddos.conf * IP addresses are automatically unblocked after a preconfigured time limit (default: 600 seconds) * The script can run as a cron job at chosen frequency via the configuration file (default: 1 minute) @@ -85,6 +85,8 @@ On this file you can add a list of ip addresses to be whitelisted, for example: > 12.43.63.13
+> 165.123.34.43-165.123.34.100
+> 192.168.1.0/24
> 129.134.131.2 **/etc/ddos/ddos.conf** diff --git a/man/ddos.1 b/man/ddos.1 index 3f45c0e..5b2d2e8 100644 --- a/man/ddos.1 +++ b/man/ddos.1 @@ -37,8 +37,7 @@ and easiest to install solutions at the software level. .PP IP addresses with over a pre-configured number of connections are automatically blocked in the server's firewall, which can be direct -ipfw, iptables, or Advanced Policy Firewall (APF). (We highly recommend that -you use APF on your server in general, but deflate will work without it.) +ipfw, iptables, or Advanced Policy Firewall (APF). .SH OPTIONS @@ -78,12 +77,27 @@ block ip's making \fINUMBER_OF_CONNECTIONS\fR or more .PP It is possible to whitelist IP addresses by adding a .B new-line -separated list of ip's to /etc/ddos/ignore.ip.list +separated list of ip's to /etc/ddos/ignore.ip.list, +you can use IP range syntax and CIDR syntax, for example: + +.RS 4 +192.168.1.0/24 (CIDR format) +.br +24.12.34.1-24.12.34.30 (IP range) +.br +192.168.1.156 (Single IP) +.RE .PP It is also possible to whitelist hostnames by adding a .B new-line -separated list of hosts to /etc/ddos/ignore.host.list +separated list of hosts to /etc/ddos/ignore.host.list, for example: + +.RS 4 +googlebot.com +.br +dynamic-ip.somehost.com +.RE .SH SETTINGS You can modify the script settings by editing /etc/ddos/ddos.conf diff --git a/src/ddos.sh b/src/ddos.sh index ff98c14..5be7409 100755 --- a/src/ddos.sh +++ b/src/ddos.sh @@ -1,6 +1,6 @@ #!/bin/sh ############################################################################## -# DDoS-Deflate version 0.9 Author: Zaf # +# DDoS-Deflate version 1.0 Author: Zaf # ############################################################################## # Contributors: # # Jefferson González # @@ -33,7 +33,7 @@ load_conf() head() { - echo "DDoS-Deflate version 0.9" + echo "DDoS-Deflate version 1.0" echo "Copyright (C) 2005, Zaf " echo }
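
Review bot: the Version 1.0 entry added to ChangeLog calls grepcidr a new install requirement, but neither the README.md hunks nor the man/ddos.1 hunks in this patch add any mention of it, so someone reading only the user-facing docs will not learn of the dependency behind the CIDR and range syntax. Name grepcidr in the README's installation or requirements text and in the man page paragraph on /etc/ddos/ignore.ip.list. The same entry lists the new -u/--unban flag, and no man/ddos.1 hunk here touches the OPTIONS section, so confirm the flag is documented there.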
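
Review bot: in the README.md "Notable Features" hunk, the added bullet "IP ranges and CIDR syntax is supported on /etc/ddos/ignore.ip.list" pairs a plural subject with a singular verb and drops the full stop that the two whitelist bullets above it carry. Suggested wording: "* IP ranges and CIDR syntax are supported in /etc/ddos/ignore.ip.list."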
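
Review bot: the two entries added to the README.md whitelist sample (165.123.34.43-165.123.34.100 and 192.168.1.0/24) are not labelled as range and CIDR forms the way the man/ddos.1 hunk labels its examples, and the range uses publicly routable addresses, so a sample copied verbatim exempts real third-party hosts from blocking. Label each form and take the sample addresses from the RFC 5737 documentation blocks (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24); the same applies to 24.12.34.1-24.12.34.30 in the man page hunk. A short sentence noting that every address inside a listed range or prefix is never banned would help readers keep entries narrow.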
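
Review bot: in the man/ddos.1 whitelist hunk, the added text joins two sentences with a comma ("... to /etc/ddos/ignore.ip.list, you can use IP range syntax and CIDR syntax ...") and the empty lines added before each ".RS 4" leave blank lines in the roff source, which formatters turn into implicit vertical space and which mandoc -T lint warns about. End the sentence after ignore.ip.list, start a new one for the syntax description, and drop the blank lines so that .RS/.RE and .PP alone control the spacing.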
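
Review bot: the version string in src/ddos.sh is bumped by hand in two places, the banner comment at the top and the echo inside head(), so a later release can update one and miss the other. Define it once near the top of the script, for example VERSION="1.0", and have head() print echo "DDoS-Deflate version $VERSION".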