Recently, I wanted to try out abuseipdb on my vyos test instance. A google search turned up a bunch of attempts but nothing in the product already. There are a number of requests and proposals over time to support downloadable IP lists for various purposes. Someone even went through the trouble of creating a full on debian package (that did not get good reviews on these forums).
I did eventually find the remote-groups, but when I tried it with abuseipdb I hit a couple of fun issues:
- Injecting a ? into the CLI is annoyingly hard
- The vyos downloader fails with no useful output
I modified the downloader to show me the exception and it turns out that the downloader will only work if HEAD returns without an error and the abuseipdb API rejects HEAD requests with a 405.
This is actually pretty simple to fix. Would the maintainers accept a PR for the following:
- Try to get content length from the GET headers if HEAD is not supported
- Implement a common URL redaction API in remote.py to protect URL query based credentials
- Implement
set firewall group remote-group <name> interval <seconds>
This would I think use the existing infrastructure to completely obviate all the below requests.
Thanks!