From e5199aee9271177a5ea06286dc85d57b267ceaa2 Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Sat, 1 Mar 2025 00:23:55 +0100 Subject: [PATCH 1/2] action.d/ufw.conf: update comment: fix syntax in example, because `dst` as command parameter doesn't have precedence over or-expression, so second `sport` would ignore `dst` and kill any connection for https regardless the IP --- config/action.d/ufw.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/action.d/ufw.conf b/config/action.d/ufw.conf index c9ff7f37..060093a0 100644 --- a/config/action.d/ufw.conf +++ b/config/action.d/ufw.conf @@ -44,7 +44,7 @@ _kill_conntrack = conntrack -D -s "" # Option: kill # Notes.: can be used to specify custom killing feature, by default depending on option kill-mode -# Examples: banaction = ufw[kill='ss -K "( sport = :http || sport = :https )" dst "[]"'] +# Examples: banaction = ufw[kill='ss -K "dst = [] && ( sport = :http || sport = :https )"'] # banaction = ufw[kill='cutter ""'] kill = <_kill_> From c9b5e845ba5cdfff5fdde3ea1ddc2c97a5cfb22a Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Sat, 1 Mar 2025 20:19:35 +0100 Subject: [PATCH 2/2] `action.d/cloudflare-token.conf`: fixes `actionunban` retrieving of CF-ID from IP: force adding parameters to URL as query string (add `-G` to curl); closes gh-3952 --- config/action.d/cloudflare-token.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/action.d/cloudflare-token.conf b/config/action.d/cloudflare-token.conf index ff5f5c4e..dd6f2609 100644 --- a/config/action.d/cloudflare-token.conf +++ b/config/action.d/cloudflare-token.conf @@ -50,7 +50,7 @@ actionban = curl -s -X POST "<_cf_api_url>" \ #