-
Notifications
You must be signed in to change notification settings - Fork 0
contribution guide
GitHub Actions edited this page Jun 1, 2026
·
2 revisions
You will learn how to maintain a local update-ipsets catalog: where YAML files live, what to check before enabling a feed, and how to validate the result with the daemon.
- Add or modify YAML configuration files under the catalog directory.
- Validate the feed through the daemon and admin UI.
- Confirm public API and raw-download behavior.
- Record license and attribution details before publishing redistributed data.
Before relying on a new or changed feed, verify:
- The URL works and returns IP or CIDR data.
- The configured processor pipeline produces valid IP ranges.
- The category matches the feed's operational meaning.
- The license and attribution fields match the direct upstream's terms.
- The feed does not duplicate an existing catalog entry.
- Public raw downloads are allowed only when
redistributableis true.
configs/firehol/
sources/
<category>/
<feed>.yaml
merges/
<name>.yaml
artifacts/
<name>.yaml
runtime.yaml
categories.yaml
sources:
my_new_feed:
url: https://example.com/blocklist.txt
frequency: 60
ipv: ipv4
output: ipset
category: malware_infrastructure
maintainer: Example Corp
maintainer_url: https://example.com/
license: CC-BY-SA-4.0
redistributable: true
attribution: |
Data provided by Example Corp.
https://example.com/terms
info: '[Example Corp](https://example.com/) example blocklist'
processor:
- remove_comments
- extract_ipv4_cidrmerges:
my_merge:
frequency: 60
ipv: ipv4
output: netset
category: intrusion
maintainer: Local Catalog Operator
license: multiple
redistributable: true
sources:
- feed_a
- feed_b
exclude:
- whitelist_feedStart the daemon with your catalog:
update-ipsets daemon --config configs/firehol --enable-all --listen :18888 \
--admin-auth-mode=disabled --allow-unauthenticated-adminThen check:
- The feed appears in the admin UI at
http://localhost:18888/admin. - Recheck completes without download or processing errors.
- The feed appears in the public catalog:
curl http://localhost:18888/api/v1/sets/<name>. - Raw data is available only when redistribution is allowed:
curl http://localhost:18888/api/v1/sets/<name>/data.
- Daemon Command Reference
- Environment Variables
- Configuration Reload
- Listener Topologies
- Admin Authentication
- Feed Families
- Source Feeds
- Processor Reference
- Static Feeds
- Merge Feeds
- Artifact Parents
- History Derivatives
- Provider Databases
- Use Roles
- Critical Infrastructure Reference Feeds
- Legal Fields
- Feed Visibility & Lifecycle
- YAML Field Reference
- Pipeline Overview
- Download Lifecycle
- Processing Lifecycle
- Feed Status Reference
- Health Classes
- What Triggers Reprocessing
- Accessing the Admin
- Runtime Status
- Feed Inventory
- Artifact Inventory
- Live Queues
- Background Work
- Schedule State
- Operator Actions
- Enable & Disable