Agenda
- Release Schedule
- Core Update 163
- Core Update 164
- Suggested topics: Squidguard - no more available lists
Attendees
- Adolf
- Arne
- Daniel
- Jonathan
- Michael
- Peter
Log
Core Update 163
- Ready to go, to be released shortly
- Most testing feedback was positive, no blockers left
- Michael updates the QoS documentation in the wiki, releases C163 afterwards
i*86 is finally gone
Core Update 164
- Lots of new features
- IPS multiple providers
- Pakfire CGI improvements from Leo et al.
- Squid 5
- Drop traffic from/to hostile networks by default
- New kernel
- #12767 is still a blocker, workaround available
Core Update 165 (and beyond?)
- Python 3.10
- New toolchain
- Package updates
- Peter prepares update as usual in his temporary personal branch
- IPBlocklist add-on (got new maintainer, part of the core distribution)?
- Rob takes care of it
- Adolf helps him on the way to go, if necessary
Website of xt_geoip went down
- Does not look good, project discontinued/abandoned?
- Michael asks Stefan if he is willing to work on
ipset
ipset would also make AS-based firewalling more easy to implement
Moar blocklists: Squidguard - no more available lists
- Shalla disappeared, MSED too, University of Toulouse is useless
- Existing setups remain operational, list quality will get lower over time
- Little lists are available for free
- DNS-based blocking does not improve anything
- Causes more technical trouble than it solves
- You need a blocking source ether way
- If license permits, we'll obtain the latest version of Shalla and serve it on our servers
- Long-term, we might start our own list...
Selective whitelisting of IPS events for certain clients