-
Notifications
You must be signed in to change notification settings - Fork 0
updating config
You will learn how to update the feed configuration catalog and how local edits interact with upgrades.
The source catalog is in the repository at configs/firehol/. Each feed has its own YAML file:
- Source feeds:
configs/firehol/sources/<category>/<feed>.yaml - Merge feeds:
configs/firehol/merges/<name>.yaml - Artifact parents:
configs/firehol/artifacts/<name>.yaml - Shared registries:
configs/firehol/runtime.yaml,categories.yaml, etc.
The installed active catalog is at /opt/update-ipsets/etc/config/.
Pull the latest changes and re-run install:
cd ~/src/firehol/update-ipsets
git pull
./install.shinstall.sh compares the repository catalog with the installed catalog. If files changed:
- Updated files are deployed to
/opt/update-ipsets/etc/config/ - The previous config directory is preserved as a timestamped backup
- The daemon picks up changes on restart
sudo systemctl restart update-ipsetsOr reload without restart (if only feed definitions changed, not runtime settings):
sudo systemctl kill -s HUP update-ipsetsEvery time install.sh detects a configuration change, it creates a backup:
/opt/update-ipsets/etc/config.bak.20250501120000/
Multiple backups accumulate over time. Old backups are safe to delete manually.
You can edit files directly in /opt/update-ipsets/etc/config/:
sudo vim /opt/update-ipsets/etc/config/sources/intrusion/myfeed.yamlAfter editing, reload or restart:
sudo systemctl kill -s HUP update-ipsetsWhen you run install.sh again:
- If the installed config directory is identical to
configs/firehol/, it is left untouched - If the installed config directory differs from
configs/firehol/, the whole active config directory is backed up and replaced with the repository catalog - The backup directory preserves your previous version
To protect critical local edits, keep a copy outside the config directory or use a local patch file, then reapply it after the reinstall.
If you are migrating from the legacy bash implementation, see Migration from bash for the full migration procedure.
- Daemon Command Reference
- Environment Variables
- Configuration Reload
- Listener Topologies
- Admin Authentication
- Feed Families
- Source Feeds
- Processor Reference
- Static Feeds
- Merge Feeds
- Artifact Parents
- History Derivatives
- Provider Databases
- Use Roles
- Critical Infrastructure Reference Feeds
- Legal Fields
- Feed Visibility & Lifecycle
- YAML Field Reference
- Pipeline Overview
- Download Lifecycle
- Processing Lifecycle
- Feed Status Reference
- Health Classes
- What Triggers Reprocessing
- Accessing the Admin
- Runtime Status
- Feed Inventory
- Artifact Inventory
- Live Queues
- Background Work
- Schedule State
- Operator Actions
- Enable & Disable