diff --git a/ChangeLog b/ChangeLog
index 55978a0..da77a8c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,21 @@
Changes Log
==========================================================================
+Version 1.0 - Date 06/11/2018
+
+ * Support for ip ranges (CIDR) on the ignore.ip.list thanks to
+ safly (https://github.com/safly)
+ * grepcidr install requirement introduced with the support for CIDR
+ * New syntax supported on ignore.ip.list
+ a.b.c.d/xy (CIDR format)
+ a.b.c.d-e.f.g.h (IP range)
+ For more details read the grepcidr man page.
+ * Fixed bug $CONF not found thanks to
+ WoozyMasta (https://github.com/WoozyMasta)
+ * Added unban flag -u --unban
+ * Added logrotate configuration file to uninstall script.
+ * Prioritize systemd detection on install script.
+
Version 0.9 - Date 05/03/2017
* Support for freebsd and many other improvements thanks to
diff --git a/README.md b/README.md
index 43f78b0..fa3de98 100644
--- a/README.md
+++ b/README.md
@@ -20,13 +20,13 @@ netstat -an | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
IP addresses with over a pre-configured number of connections are
automatically blocked in the server's firewall, which can be direct
-ipfw, iptables, or Advanced Policy Firewall (APF). (We highly recommend that
-you use APF on your server in general, but deflate will work without it.)
+ipfw, iptables, or Advanced Policy Firewall (APF).
### Notable Features
* It is possible to whitelist IP addresses, via /etc/ddos/ignore.ip.list.
* It is possible to whitelist hostnames, via /etc/ddos/ignore.host.list.
+* IP ranges and CIDR syntax is supported on /etc/ddos/ignore.ip.list
* Simple configuration file: /etc/ddos/ddos.conf
* IP addresses are automatically unblocked after a preconfigured time limit (default: 600 seconds)
* The script can run as a cron job at chosen frequency via the configuration file (default: 1 minute)
@@ -85,6 +85,8 @@ On this file you can add a list of ip addresses to be whitelisted, for
example:
> 12.43.63.13
+> 165.123.34.43-165.123.34.100
+> 192.168.1.0/24
> 129.134.131.2
**/etc/ddos/ddos.conf**
diff --git a/man/ddos.1 b/man/ddos.1
index 3f45c0e..5b2d2e8 100644
--- a/man/ddos.1
+++ b/man/ddos.1
@@ -37,8 +37,7 @@ and easiest to install solutions at the software level.
.PP
IP addresses with over a pre-configured number of connections are
automatically blocked in the server's firewall, which can be direct
-ipfw, iptables, or Advanced Policy Firewall (APF). (We highly recommend that
-you use APF on your server in general, but deflate will work without it.)
+ipfw, iptables, or Advanced Policy Firewall (APF).
.SH OPTIONS
@@ -78,12 +77,27 @@ block ip's making \fINUMBER_OF_CONNECTIONS\fR or more
.PP
It is possible to whitelist IP addresses by adding a
.B new-line
-separated list of ip's to /etc/ddos/ignore.ip.list
+separated list of ip's to /etc/ddos/ignore.ip.list,
+you can use IP range syntax and CIDR syntax, for example:
+
+.RS 4
+192.168.1.0/24 (CIDR format)
+.br
+24.12.34.1-24.12.34.30 (IP range)
+.br
+192.168.1.156 (Single IP)
+.RE
.PP
It is also possible to whitelist hostnames by adding a
.B new-line
-separated list of hosts to /etc/ddos/ignore.host.list
+separated list of hosts to /etc/ddos/ignore.host.list, for example:
+
+.RS 4
+googlebot.com
+.br
+dynamic-ip.somehost.com
+.RE
.SH SETTINGS
You can modify the script settings by editing /etc/ddos/ddos.conf
diff --git a/src/ddos.sh b/src/ddos.sh
index ff98c14..5be7409 100755
--- a/src/ddos.sh
+++ b/src/ddos.sh
@@ -1,6 +1,6 @@
#!/bin/sh
##############################################################################
-# DDoS-Deflate version 0.9 Author: Zaf #
+# DDoS-Deflate version 1.0 Author: Zaf #
##############################################################################
# Contributors: #
# Jefferson González #
@@ -33,7 +33,7 @@ load_conf()
head()
{
- echo "DDoS-Deflate version 0.9"
+ echo "DDoS-Deflate version 1.0"
echo "Copyright (C) 2005, Zaf "
echo
}