Skip to content

Releases: friendly-bits/geoip-shell

v0.4.9

06 Apr 05:54
@friendly-bits friendly-bits
v0.4.9
3a12aca
Compare
Choose a tag to compare
v0.4.9

This release focuses on security and reliability aspects.

Main changes:

  • Set correct permissions for the status file and the datadir used by geoip-shell on OpenWrt
  • Improved validation for strings which geoip-shell does not control, such as user input and data read from the filesystem
  • Improved handling of unsafe strings
  • Additional checks of critical variables in multiple scripts
  • Improved trap signal handling (a trap means reacting to external signals, such as when the script gets closed by Ctrl+C etc - in these conditions it needs to clean up before exiting)
  • Improved handling of weird network interface names in the command passed to nftables
  • Fixed a bug with manually specifying multiple network interfaces
  • The status report now reports some additional possible (but unlikely) issues, such as missing certain config entries
  • Minor efficiency improvements in the way geoip-shell reads certain files in the filesystem

And some additional changes:

  • Now the status report includes information about nftables sets optimization policy (memory or performance).
  • The mk-owrt-package.sh script has been split into prep-owrt-package.sh and mk-owrt-package.sh, per user request. The prep- script prepares geoip-shell files for creating a package but doesn't build the package itself.
  • Updated documentation.

Full Changelog: v0.4.8...v0.4.9

Loading

v0.4.8

05 Apr 00:10
@friendly-bits friendly-bits
v0.4.8
6d813d9
Compare
Choose a tag to compare
v0.4.8

Main changes in this release:

  • Now geoip-shell checks RAM capacity and if it is higher than 2GiB, the 'performance' policy for nftables sets is used by default
  • Fixed a minor bug where if uninstalling geoip-shell before configuring it, the OpenWrt uninstall script would print the error 'rm_all_georules: not found'
  • Improved usage output for protocols/ports config setting

Full Changelog: v0.4.7.1...v0.4.8

Loading

v0.4.7.1

04 Apr 20:11
@friendly-bits friendly-bits
v0.4.7.1
4519c45
Compare
Choose a tag to compare
v0.4.7.1

Main changes in this release:

  • Now when crontab file is missing and the user confirms geoip-shell's recommendation to automatically enable and start the cron service, geoip-shell creates the crontab file.
  • Improved error handling in the -cronsetup script

Full Changelog: v0.4.7...v0.4.7.1

Loading

v0.4.7

04 Apr 06:48
@friendly-bits friendly-bits
v0.4.7
36d5126
Compare
Choose a tag to compare
v0.4.7

Main changes in this release:

  • Now when detecting that cron is not running, geoip-shell will offer the user to automatically enable and start the cron service, unless all features requiring cron have been disabled. This functionality is currently tested with OpenWrt and with Systemd-based Debian derivatives and should work with most other modern'ish Linux systems.
  • Some minor improvements to backend functions.

Full Changelog: v0.4.6...v0.4.7

Loading

v0.4.6

03 Apr 17:48
@friendly-bits friendly-bits
v0.4.6
b23b6a9
Compare
Choose a tag to compare
v0.4.6

Main changes in this release:

  • the -k option in the -install script (for noblock) has been replaced by the -N option
  • the -e option in the -install script (for nft sets optimization policy) has been replaced by the -O option. The -O option now requires an argument <memory|performance>. The defaults stayed the same (optimizes for memory by default).
  • the -manage script now supports changing nft sets optimization policy after installation via this command: geoip-shell configure -O <memory|performance>.
  • the configure action in the -manage script now supports the -z option for fully non-interactive setup.
  • some improvements to arguments parsing in the -lib-setup script.
  • improved usage() functions output in the -install and -manage scripts
  • when updating an OpenWrt package, the new version now runs the -manage script in non-interactive mode which automatically picks up existing config and sets up geoip blocking without requiring to manually run geoip-shell configure.
  • improvements in the OpenWrt makefile and in the mk-owrt-package script for much faster compilation and hopefully better compliance with OpenWrt standards (I'm about to submit the package to OpenWrt).

Full Changelog: v0.4.5...v0.4.6

Loading

v0.4.5

02 Apr 20:37
@friendly-bits friendly-bits
v0.4.5
cfcd16c
Compare
Choose a tag to compare
v0.4.5

Main changes in this release:

  • geoip-shell now tolerates conditions where the config file is lost and helps the user to recreate it, rather than dying with an error
  • on OpenWrt, updating the package now doesn't reset the config (when updating from a version earlier than v0.4.5, the config will still get reset)
  • Cron jobs are now created and removed more efficiently
  • Fixed a bug with the record of last successful update time getting lost under certain conditions
  • Improved some console and log messages
  • Updated documentation

Full Changelog: v0.4.4...v0.4.5

Loading

v0.4.4

02 Apr 06:41
@friendly-bits friendly-bits
v0.4.4
86d2ac5
Compare
Choose a tag to compare
v0.4.4

Main changes in this release:

  • the -install script now supports specifying the firewall backend (iptables or nftables)
  • the configure action in the -manage script now supports changing the firewall backend after installation
    (both of the above options are not supported on OpenWrt)
  • the OpenWrt packages are now configured correctly with some settings which were missing in previous releases
  • Fixed installation on OpenWrt via the -install script
  • Additional minor bug fixes

Full Changelog: v0.4.3.1...v0.4.4

Loading

v0.4.3.1

02 Apr 01:48
@friendly-bits friendly-bits
v0.4.3.1
d30a821
Compare
Choose a tag to compare
v0.4.3.1

Main changes in this release:

  • the -manage script's configure action now supports additional options: -f <families> and -r <user_country_code>
  • the library directory was changed from /usr/lib to /usr/lib/geoip-shell
  • fixed a bug with validation of country codes under some conditions

Full Changelog: v0.4.3...v0.4.3.1

Loading

v0.4.3

31 Mar 18:54
@friendly-bits friendly-bits
v0.4.3
fdeca94
Compare
Choose a tag to compare
v0.4.3

Main changes in this release:

  • Improved firewall rules order (now the icmpv6 and dhcpv6 rules are always processed before ipsets)
  • The status report now includes last successful update date and time
  • Improved usage() output in multiple scripts
  • Refinements in installation and setup
  • In particular, faster initial setup for iptables-based OpenWrt systems

Full Changelog: v0.4.2...v0.4.3

Loading

v0.4.2

31 Mar 05:06
@friendly-bits friendly-bits
v0.4.2
9cbfca4
Compare
Choose a tag to compare
v0.4.2

This release fixes a regression with LAN subnets not being stored in config and an additional minor bug with the lib-setup script. I think we're done with bugs for now.

There are some additional changes with OpenWrt builds:

  • debug-related code is now stripped from the scripts when compiling OpenWrt packages to reduce their size somewhat
  • Fixed a minor bug with firewall being restarted twice when uninstalling
  • The package for iptables-based OpenWrt systems will now refuse to install when detecting firewall4, in order to avoid dependency problems
  • Some improvements in the mk-owrt-package.sh script which are mainly interesting to myself

Also a bit of code maintenance has been done in almost all scripts.

Full Changelog: v0.4.1...v0.4.2

Loading