We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
wiki: add System Contract + Metrics Evidence Classes to Architecture System Contract (Canonical Invariants): - 5 numbered invariants that must hold when system is healthy - Kernel schema, anchor pipeline, validator agreement, CLI truth, config intent - Violation = DEGRADED or DOWN Metrics & Evidence Classes: - 3 classes: Structural (validator), Enforcement (counters), Operational (timers) - Unified explanation of what each proves - Links to Metrics page and Glossary Closes the two remaining cohesion gaps from alignment audit. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
wiki: contract-vs-implementation separation (schema + install + architecture) Schema page: - Schema is now a logical contract, not tied to shell implementation - Implementation detail (nft_schema.sh) clearly separated from contract - Future Go migration stated without breaking contract invariants - 'Schema authority resides in nft_schema.sh' → contract-first wording Installation Guide: - Installer framed as 'enforces system contract on kernel' - Design Principle section: config→installer→validator→CLI invariant model - Implementation-agnostic: contract survives shell→Go migration Architecture: - Schema described as logical contract, not shell artifact - Migration direction stated as implementation detail, not contract change Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
wiki: v1.83 canonical rewrite — system contract + modules + structure Complete wiki alignment to v1.83 canonical design baseline. Added (8 new pages): - Glossary-and-Vocabulary (v1.81 vocabulary contract) - Health-Model (4-axis + consistency derivation) - DDoS-Protection (kernel-only, counter evidence) - Portscan-Detection (structure-only, no counter) - BotGuard (daemon-dependent, set evidence) - Login-Monitoring (journal + shared sets) - Blacklist-and-Threat-Intelligence (composite: manual/feeds/geoban) - Known-Limitations-and-Validation-Scope (validator scope per module) Replaced (6 pages): - Home → system contract (truth authority + evidence model + invariants) - Architecture-Overview → kernel-first with invariants - CLI-Commands-Reference → trust levels + v1.83 behavior - Configuration-Reference → per-key with axis effects - Project-Statistics → v1.83 metrics with history - _Sidebar → canonical navigation structure Fixed (2 pages): - Suricata-IDS-Integration: "rules loaded" → "rules present" - Optimization-Tools-and-Tweaks: "ok" → "protected" Archived (11 pages → archive/): - CLI-Command-Tree, Timer-Schedule, Large-Set-Management (merged) - API-Handlers-Map, Registry-Architecture, Queue-and-Mail-Contract (internal) - Security-CI-Pipeline, Coding-Standards, Performance-Benchmarks (internal) - Health-Check-Architecture, HTTP-Bot-Guard (replaced by new pages) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs: align wiki with v1.39.0 release - Update version references across 8 pages (v1.18-v1.34 → v1.39.0) - Add dual-set architecture (blacklist_manual_* hash sets from v1.33.0) - Update nft schema with blacklist_manual_ipv4/ipv6 sets and input chain rules - Fix CLI path /usr/sbin/nftban → /usr/bin/nftban - Update Go package paths pkg/ → internal/ (v1.36.0 boundary hardening) - Update project statistics: 269K LOC, 311 Go files, 261 shell scripts, 71 packages - Remove stale audit status table and version history from Home.md - Mark v1.33.0 set separation as delivered in Performance-Benchmarks - Add Bot Guard and Commit-Confirm to key features list - Clean up version-specific annotations (v1.21.4+, v1.31.0, etc.) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: Align all wiki documentation to v1.18.0 Updated version references in: - Architecture-Overview.md - API-Handlers-Map.md - CLI-Command-Tree.md - Health-Check-Architecture.md - Performance-Benchmarks.md - Project-Statistics.md Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: Update NFT Schema Validation for v1.18.0 - Remove WRONG/CORRECT comparison format - Show unified NFTBan schema approach - Add full chain definitions with ICMPv6 ND support - Document unified blacklist architecture Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: Update all documentation to v1.16.0 - OpenSSF 7+ milestone Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: Update version references to 1.15.0 - Update 9 files from v1.12.6 to v1.15.0 - Remove incorrect NFTBAN_VERSION from example config (version is set automatically, not user-configurable) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: Update version references and project description - Home.md: Add canonical project description, update to v1.12.6 - Home.md: Change local path to GitHub URL - Architecture-Overview.md: Update version to 1.12.6 - Security-Architecture.md: Remove version-specific reference Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: Update to v1.10.0 + refresh code statistics Version: 1.9.4 → 1.10.0 Shell: 207 files → 204 files, ~118K → ~113K lines Go: 218 files → 228 files, ~75.5K → ~81K lines Total: ~193.5K → ~194K lines
fix(wiki): Fix Mermaid diagrams for GitHub rendering - Remove paths with / from node labels (causes lexical errors) - Remove <br/> tags from node labels (not supported) - Use quoted simplified labels instead - Add path reference tables where paths were removed Fixed files: - Architecture-Overview.md (component diagram, config flow) - Health-Check-Architecture.md (security model diagram) - Systemd-Units-Overview.md (service dependency diagram) - API-Handlers-Map.md (request flow, auth flow)
docs(wiki): Add Feb 2026 security audit documentation New pages from security audit: - Security-Audit-Summary.md - Audit findings and risk matrix - Code-Quality-Report.md - Dead code and complexity analysis - Implementation-Roadmap.md - 5-phase remediation plan - Health-Check-Architecture.md - Auto-heal system design - API-Handlers-Map.md - REST API endpoint reference - Systemd-Units-Overview.md - Complete systemd unit reference - Architecture-Overview.md - System components and data flow - CLI-Command-Tree.md - Visual CLI command hierarchy Updated pages: - Home.md - Merged audit status with quick start guide - _Sidebar.md - New sidebar navigation structure Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>