Skip to content

Releases: friendly-bits/geoip-shell

v0.1

05 Feb 14:37
@friendly-bits friendly-bits
v0.1
bb04a4d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1

First public release with the new name 'geoip-shell'.

What's changed in this project since the last release of geoblocker-bash?

A lot. Main changes:

  • All scripts have been translated from Bash to POSIX-compliant shell code.

  • nftables support has been implemented, iptables support has been removed.

  • very different (and significantly better) structure of firewall rules under the hood.

  • Proper support for running on a router has been implemented, alongside support for running on a host.

  • Additional features have been implemented, including support by the -manage and -apply scripts of switching geoip on and off while leaving the firewall rules and nftables sets in place.

  • The raw ip lists are no longer kept on disk after having been applied. Instead, once the ip lists have been loaded into nftables sets (which also optimizes them), they get dumped back to disk, then compressed by the -backup script. The compressed lists are then used both to restore nftables sets after a reboot and as a backup.

  • Virtually every bit of code has been optimized and improved.

  • Some complexities in internal logic have been replaced by a more straightforward code, which makes the project more robust and reliable.

  • The -fetch and -apply scripts have been almost completely rewritten. The -manage script has been streamlined and partially rewritten. Most other scripts went through significant changes.

  • A lot of external dependencies have been removed and their functionality implemented through shell builtins.

  • Documentation has been updated and improved.

  • 3 new scripts have been added:

  • geoip-shell-nft.sh: implements nftables-related functions used in several other scripts

  • posix-arrays-a-mini.sh: implements limited support for arrays (used to translate certain bits of the bash code which require arrays)

  • ip-regex.sh: holds some common regex's used in multiple scripts

  • After all these changes, the resulting code base is leaner by about a third (currently 114KB vs 170KB in geoblocker-bash).

As this is the first public release after massive changes in the code, there might be significant bugs. That said, I am using this code in production and so far it's doing its job.

Loading