Skip to content

History

Revisions

  • docs(suricata): Add Alert Routing section for v1.11.0 - Routing precedence: SID → Category → Port → Keywords → Priority - Module ownership table (login, portscan, ddos) - Category normalization explanation - Tiebreak rules for SSH brute vs portscan - Rate gate for DDoS (10 events/10s threshold) - Deduplication with LRU eviction - routing.conf configuration reference Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 8, 2026
    63698f2
  • docs: Add v1.10.0 to Statistics History | 2026-02-08 | v1.10.0 | ~194,000 | ~250,000 | Code consolidation, security hardening, FHS expansion |

    @itcmsgr itcmsgr committed Feb 7, 2026
    ec374ce
  • docs: Add v1.10.0 to Growth Over Time table - Added v1.10.0 (2026-02-08): ~250,000 lines (+0.2%) - Updated architecture diagram to v1.10.0 - Updated language percentages: 58.3% Shell, 41.7% Go

    @itcmsgr itcmsgr committed Feb 7, 2026
    94b7590
  • docs: Update to v1.10.0 + refresh code statistics Version: 1.9.4 → 1.10.0 Shell: 207 files → 204 files, ~118K → ~113K lines Go: 218 files → 228 files, ~75.5K → ~81K lines Total: ~193.5K → ~194K lines

    @itcmsgr itcmsgr committed Feb 7, 2026
    6dd355c
  • docs(timer): Update geoip schedule to 02:30 (staggered from rbl-check) - Changed core-geoip from Sun 02:00 to Sun 02:30 - Reduced jitter from 60m to 30m (weekly task) - Avoids collision with rbl-check at 02:00 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 7, 2026
    84d0471
  • docs(suricata): Add prerequisites and 0-rules troubleshooting - Add Prerequisites section before Quick Start - Add rules-verify and rules-ensure to command list - Add "Rules Not Loading (0 rules)" troubleshooting section - Explain why Suricata can run with 0 rules but provides no protection Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 7, 2026
    1b463b5
  • docs: Remove deprecated nftban-cli references - Remove nftban-cli from FHS group table (replaced by nftban-panel) - Merge nftban-cli section into nftban group (deprecated) - Keep migration notes for users upgrading from old model Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 7, 2026
    1999159
  • docs: Update Security Architecture for 3-group model Update documentation to reflect the new 3-group security model: - nftban: Admin/Operator (full access) - nftban-auditor: Read-only (reports, logs) - nftban-panel: Panel Operator (limited actions) Changes: - Updated access control model table - Added authorization hierarchy (CanConfig, CanAct, CanRead) - Updated permission matrix with correct columns - Updated "Adding Users" section - Added cPanel integration example - Marked nftban-cli as deprecated Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 7, 2026
    b3b88a3
  • docs: Fix auditor role documentation based on code audit - Fix nftban-auditor: CAN access Web GUI (read-only), not "Cannot" - Add all allowed systemd verbs for auditor (show, is-enabled, is-failed, list-units, list-unit-files) - Update to 3-group model: nftban, nftban-cli, nftban-auditor - Mark nftban-panel as retired - Update permission matrix with nftban-cli column - Fix FHS-Compliance.md group table Changes verified against: - pkg/auth/pam.go (IsAdmin, IsOperator checks) - packaging/polkit-1/rules.d/20-nftban-auditor.rules - install/config/allowed-gui-groups - install/systemd/sysusers.d/nftban.conf Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 7, 2026
    b18d818
  • fix(wiki): Fix Mermaid diagrams for GitHub rendering - Remove paths with / from node labels (causes lexical errors) - Remove <br/> tags from node labels (not supported) - Use quoted simplified labels instead - Add path reference tables where paths were removed Fixed files: - Architecture-Overview.md (component diagram, config flow) - Health-Check-Architecture.md (security model diagram) - Systemd-Units-Overview.md (service dependency diagram) - API-Handlers-Map.md (request flow, auth flow)

    @itcmsgr itcmsgr committed Feb 6, 2026
    38c0eba
  • docs(wiki): Remove confidential security audit pages Removed internal/confidential documents: - Security-Audit-Summary.md - Code-Quality-Report.md - Implementation-Roadmap.md Updated Home.md and _Sidebar.md to remove references.

    @itcmsgr itcmsgr committed Feb 6, 2026
    bf7b7c3
  • docs(wiki): Add Feb 2026 security audit documentation New pages from security audit: - Security-Audit-Summary.md - Audit findings and risk matrix - Code-Quality-Report.md - Dead code and complexity analysis - Implementation-Roadmap.md - 5-phase remediation plan - Health-Check-Architecture.md - Auto-heal system design - API-Handlers-Map.md - REST API endpoint reference - Systemd-Units-Overview.md - Complete systemd unit reference - Architecture-Overview.md - System components and data flow - CLI-Command-Tree.md - Visual CLI command hierarchy Updated pages: - Home.md - Merged audit status with quick start guide - _Sidebar.md - New sidebar navigation structure Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 6, 2026
    fd97811
  • fix(wiki): Consolidate CI/RBL pages, apply style guide across all pages Consolidation (21 → 19 pages): - CI-Failure-Classification merged into Supported-Platforms - RBL-Monitoring merged into Security-Operations-Guide Style guide applied to 15 pages: - Remove "NFTBan" prefix from 7 page titles - Remove version/date lines from 10 pages - Remove emoji from all headings (Coding-Standards, NFT-Schema, Home) - Fix broken links (Distribution Strategy, Troubleshooting, DDoS-Protection, Metrics-Reference, Grafana-Dashboards, cPanel-Compatibility, RBL-Monitoring) - Standardize footer sections - Clean up marketing language and redundant content Home.md rewrite: - Complete documentation index with all 19 pages - Added missing links: Coding-Standards, Suricata, Project-Statistics - Removed broken links and stale version references - Clean, professional format without emoji Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    2b853ab
  • fix(wiki): Deduplicate Queue-and-Mail-Contract, clean up Timer-Schedule - Fix backoff table: retry 1=60s, retry 2=120s, retry 3=240s (was wrong) - Replace duplicated config defaults with links to Configuration-Reference - Condense transport detection priority to single line - Remove mail retry config defaults from API doc (belongs in Config-Ref) - Fix TOC anchors to match actual heading IDs - Timer-Schedule: remove version line, deduplicate collection groups - Timer-Schedule: consolidate duplicate Metrics-Architecture links in See Also Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    cdd679b
  • fix(wiki): Merge Firewall-Conflict-Detection and Connectors-Guide - Firewall-Conflict-Detection.md → Installation-Guide.md: enriched conflict section with detection table, error examples, runtime health check. Discarded developer-internal changelog content. - Connectors-Guide.md → Metrics-Architecture.md: expanded connectors section with full ES/Kafka/File configs, record format, advanced config, CLI commands, troubleshooting. - NFT-Schema-Validation.md kept standalone (unique, no merge target). - Updated cross-references in 6 wiki pages. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    2c7c074
  • fix(wiki): Consolidate 5 security pages into 2 Merge Security.md + Security-Architecture.md + Groups-and-Permissions.md into a single Security-Architecture.md. Absorb Portmapper-Security.md into Security-Operations-Guide.md. Fix 2-group vs 3-group inconsistency (3-group is correct). Update all cross-references across 4 wiki pages. 5 pages → 2 pages (-800 lines, zero content loss) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    6b19f9f
  • fix(wiki): Merge Zabbix Integration into Metrics Architecture page Consolidate Zabbix Integration and Metrics Architecture into a single page. Update all cross-references across 6 wiki pages. Remove standalone Zabbix-Integration.md. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    0a2edee
  • chore(wiki): Remove Emulate-Command.md (merged into CLI-Commands-Reference) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    a69f2f7
  • fix(wiki): Merge and align CLI Commands + Emulate pages to style guide - Concatenate Emulate Command into CLI Commands Reference (single page) - Apply nftban documentation style guide (TOC, clean tables, proper heading levels) - Remove verbose filler text (1100 lines removed, 534 added) - Add global flags section, exit codes, environment variables - Add full suricata subcommand table (30+ subcommands) - Add full rbl subcommand table with flags - Add health subcommand table with all 18 subcommands - Emulate-Command.md now redirects to combined page Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    a0df93a
  • fix(wiki): Rewrite FHS Compliance page from canonical fhs-spec.yaml Corrected against build/fhs-spec.yaml (single source of truth): - Fix binary paths (/usr/lib/nftban/bin/ not /usr/sbin/ or /usr/libexec/) - Fix group names (nftban + nftban-auditor, not nftban-cli/nftban-auditors) - Fix /var/lib/nftban/ ownership (root:nftban security boundary, not nftban:nftban) - Add all conf.d/ subdirectories (ddos, portscan, login, panels, botscan) - Add all data subdirectories (queue, stats, snapshots, banned, whitelist, feeds, etc.) - Add systemd integration (tmpfiles.d, sysusers.d, service/timer unit tables) - Add permission model (ownership rationale, immutable files, capabilities) - Add polkit authorization section - Add common errors with fixes - Follow nftban documentation style guide Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 5, 2026
    efe438a
  • docs: Remove all Mode 1/Mode 2 references - one install, enable features - Home.md: Simplified to 'Install Once, Enable What You Need' - Home.md: Updated Quick Start section - Home.md: Fixed cPanel link to Web-Panel-Compatibility - FHS-Compliance.md: Changed '(Mode 2)' to '(optional)' Logic: Install package once, user enables features as needed. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    927ecdc
  • docs: Simplify Installation Guide - one install, enable features Removed 'Two Installation Modes' framing. Logic is: - Install package once - User enables features as needed Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    1d6d6e1
  • docs: Remove cPanel-Compatibility.md (consolidated in Web-Panel-Compatibility.md) cPanel content already exists in Web-Panel-Compatibility.md: - Detection and port configuration - cPHulk compatibility - xtables issue and solution Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    a989618
  • docs: Update wiki version references to v1.9.3 - Home.md: 1.0.0-beta → 1.9.3 - CLI-Commands-Reference.md: v1.7 → v1.9.3 - Configuration-Reference.md: 1.6.0 → 1.9.3 - Web-Panel-Compatibility.md: 1.9.1 → 1.9.3 - Security-Operations-Guide.md: v1.0+ → v1.9.3 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    0f65b92
  • docs: Update Installation Guide with two modes section for v1.9.3 - Added 'Two Installation Modes' section (CLI-Only vs GUI+Metrics) - Clear comparison table for deployment options - Updated version references to 1.9.3 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    cf2b0db
  • docs: Update Project Statistics to v1.9.3 Stats as of 2026-02-04: - CLI Commands: 62 - Shell Scripts: 207 (~118,000 lines) - Go Files: 218 (~75,500 lines) - Config Files: 49 - Systemd Units: 38 (26 services, 10 timers, 2 sockets) - Health Checks: 32 - Supported Distros: 12 - RBL Providers: 23 Added v1.9.3 features section with: - Quick sync mode - Performance optimizations - Update detection fixes - Geoban sync fixes Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    3854e7c
  • docs: Fix DDoS config paths and variable names - Fix config path: ddos.conf -> conf.d/ddos/classic.conf - Fix variable names: DDOS_SSH_CONN_LIMIT -> DDOS_CLASSIC_SSH_CONN_LIMIT - Add portscan disable command and mode options Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    965ba57
  • docs: Comprehensive wiki update for v1.9.3 Changes: - Add RBL-Monitoring.md: Complete RBL monitoring documentation - Add Web-Panel-Compatibility.md: Unified panel docs (cPanel, Plesk, DirectAdmin) - Update CLI-Commands-Reference.md: Add RBL, suricata, modes sections - Update Configuration-Reference.md: Add RBL and panel configuration - Consolidate Installation-Guide.md: Single unified installation flow - Update Security-Operations-Guide.md: Enhanced DDoS/portscan documentation - Update Timer-Schedule.md: Add 12-hour RBL check schedule Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Feb 4, 2026
    21fc200
  • docs(stats): Update Project Statistics from v1.3.0 to v1.8.0 - Total lines: 220,785 → 231,318 (+5%) - Go code: 58,592 → 61,686 lines - Bash code: 106,744 → 113,632 lines - Added v1.8.0 features: netlink backend, search optimization - Updated architecture diagram and performance metrics Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

    @itcmsgr itcmsgr committed Jan 28, 2026
    3edc6c6
  • docs: Update documentation for v1.6.0 architecture cleanup Updated pages: - Metrics-Architecture.md: Removed VictoriaMetrics, documented unified exporter - Zabbix-Integration.md: Updated to reference unified exporter - Configuration-Reference.md: Removed VM config, updated metrics config - CLI-Commands-Reference.md: Simplified metrics commands (no VM options) - Timer-Schedule.md: Removed legacy timers, unified exporter only Key changes: - VictoriaMetrics support REMOVED (was 0% operational) - Unified exporter is the ONLY metrics exporter - Prometheus export OFF by default (optional adapter) - Our backend: stats.json + bans.log (NOT Prometheus)

    @itcmsgr itcmsgr committed Jan 25, 2026
    2a68e2c