QuickBox #v2.4.4::tag is now stable and has been released for tasty public consumption.
Firstly I would like to throw some shout outs to these members for their hard work and dedication to the QuickBox project… the work you guys have done is very much appreciated and all of your reports have been crucial to putting this release in stable form.
You guys have been incredible through this release, it’s testings and it’s translations!
##Here’s what you can look forward to in v2.4.4
We’ve added in some of the more requested applications/services in this round.
Syncthing is an application that lets you synchronize your files across multiple devices. This means the creation, modification or deletion of files on one machine will automatically be replicated to your other devices. We believe your data is your data alone and you deserve to choose where it is stored.
For those looking to move more into the open-source side of things and avoid the potential hold-backs that may come with BTSync in regards to reservations maintained only for paying customers/licenses… syncthing is an awesome bit of software and it’s official addition is a breath of fresh air.
It’s been asked around by many members of the community as well as noticed on third-party communities. Asking for a firewall solution has been a topic of notice. By default, QuickBox does come packaged with fail2ban, however, some users are in the market for the potential to have an easier to manage (possibly UI) integration with QuickBox.
We’ve answered the call with the addition of ConfigServer Firewall, or CSF for short.
Config Server Firewall (or CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. In addition to the basic functionality of a firewall – filtering packets – CSF includes other security features, such as login/intrusion/flood detection’s. It’s UI is easy to follow and settings are about as clear as they can get. Users will no longer have to jostle settings via cli and can now do most of the work via the link on their dashboards. Another neat feature is it’s ability to email the master account on system logins, ssh attempts and more.
Packaged with CSF is sendmail. CSF needs the sendmail binaries in order to function properly and send out the needed alerts, thus, this is an added bonus and yet another thing that has been requested. There will be more to do with sendmail in the future, however, at this stage… it’s running the mail portal for CSF alerts only.
Those of you wanting to do some firewall management via cli can check out the included cheat-sheet to see which commands can be used to do what. You’ll find it is pretty simple… and the best power, it’s incredibly powerful and efficient.
###CSF Cheatsheet… commands to know… just because
xx.xxx.xx.x = an IP address)
csf -s :: Start the firewall rules
(example) [email protected][~]#csf -s
csf -f :: Flush/Stop firewall rules (note: lfd may restart csf)
(example) [email protected][~]#csf -f
csf -r :: Restart the firewall rules
(example) [email protected][~]#csf -r
csf -a [IP.add.re.ss] [comment] :: Allow an IP and add to /etc/csf/csf.Allow
(example) [email protected][~]#csf -a xx.xxx.xx.x Home IP Address
csf -tr [IP.add.re.ss] :: Remove an IP from the temporary IP ban or allow list.
(example) [email protected][~]#csf -tr xx.xxx.xx.x
csf -tf :: Flush all IPs from the temporary IP entries
(example) [email protected][~]#csf -tf
csf -d [IP.add.re.ss] [comment] :: Deny an IP and add to /etc/csf/csf.deny
(example) [email protected][~]#csf -d xx.xxx.xx.x Blocked This Guy
csf -dr [IP.add.re.ss] :: Unblock an IP and remove from /etc/csf/csf.deny
(example) [email protected][~]#csf -dr xx.xxx.xx.x
csf -df :: Remove and unblock all entries in /etc/csf/csf.deny
(example) [email protected][~]#csf -df
csf -g [IP.add.re.ss] :: Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number)
(example) [email protected][~]#csf -g xx.xxx.xx.x
csf -t :: Displays the current list of temporary allow and deny IP entries with their TTL and comment
(example) [email protected][~]#csf -t
####Whitelisting an IP Address
In order to prevent specific IP from being blocked, even for a temporary deny, you need to list their IP address in the files csf.ignore and csf.allow. The first step is to enable IGNORE_ALLOW in csf.conf. The value for IGNORE_ALLOW will appear as “0”, you will need to adjust it to “1” and restart csf and lfd.
This will allow lfd to reference csf.ignore. If you add an IP address to csf.ignore, the IP address will no longer be checked by lfd and failed login attempts will not trigger temporary denies.
Multi-language support has been a requested feature for some time now. We are pleased to announce that QuickBox is now supporting French, English and Danish with German coming right around the bend!
There is one caveat to the language update… although, it is incredibly minor.
####Update your Disk Widgets manually to reflect languages
This is a very simple taks; seeing as how we prefer to not touch Disk Widgets on the dashboard due to /home mounted installs versus /(root) mounted installs. It is necessary that this process be performed manually. Here is how you can update your disk widget with just a few short lines of command. Please do this as root
####For /home mounted installs
dashboard cd widgets && rm disk_data.php cp /root/QuickBox/dashboard/widgets/disk_datah.php /srv/rutorrent/home/widgets/disk_data.php
####For /(root) mounted installs
dashboard cd widgets && rm disk_data.php cp /root/QuickBox/dashboard/widgets/disk_data.php /srv/rutorrent/home/widgets/disk_data.php
If there are any questions or concerns, please do not hesitate to ask.