forked from trick77/ipset-blacklist
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ipset-blocklist.conf
44 lines (41 loc) · 2.66 KB
/
ipset-blocklist.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
IPSET_BLOCKLIST_NAME=blocklist # change it if it collides with a pre-existing ipset list
IPSET_TMP_BLOCKLIST_NAME=${IPSET_BLOCKLIST_NAME}-tmp
# Ensure the directory for IP_BLOCKLIST/IP_BLOCKLIST_RESTORE exists (it won't be created automatically)
IP_BLOCKLIST_RESTORE=/opt/ipset-blocklist/ip-blocklist.restore
IP_BLOCKLIST=/opt/ipset-blocklist/ip-blocklist.list
VERBOSE=yes # probably set to "no" for cron jobs, default to yes
FORCE=yes # will create the ipset-iptable binding if it does not already exist
let IPTABLES_IPSET_RULE_NUMBER=1 # if FORCE is yes, the number at which place insert the ipset-match rule (default to 1)
# Sample (!) list of URLs for IP blocklists. Currently, only IPv4 is supported in this script, everything else will be filtered.
BLOCKLISTS=(
# "file:///opt/ipset-blocklist/ip-blocklist-custom.list" # optional, for your personal nemeses (no typo, plural)
"https://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1" # Project Honey Pot Directory of Dictionary Attacker IPs
"https://iplists.firehol.org/files/bds_atif.ipset"
"https://iplists.firehol.org/files/cybercrime.ipset"
"https://iplists.firehol.org/files/dyndns_ponmocup.ipset"
"https://iplists.firehol.org/files/et_block.netset"
"https://iplists.firehol.org/files/et_compromised.ipset"
"https://iplists.firehol.org/files/firehol_level2.netset"
"https://iplists.firehol.org/files/firehol_level3.netset"
"https://iplists.firehol.org/files/urlvir.ipset"
"https://iplists.firehol.org/files/bbcan177_ms1.netset"
"https://iplists.firehol.org/files/bbcan177_ms3.netset"
"https://s3.i02.estaleiro.serpro.gov.br/blocklist/blocklist.txt"
"https://iplists.firehol.org/files/alienvault_reputation.ipset"
"https://iplists.firehol.org/files/ransomware_feed.ipset"
"https://s3.i02.estaleiro.serpro.gov.br/blocklist/blocklist.txt"
"https://talosintelligence.com/documents/ip-blacklist"
"https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"
"https://iplists.firehol.org/files/ransomware_cryptowall_ps.ipset"
"https://iplists.firehol.org/files/ransomware_feed.ipset"
"https://iplists.firehol.org/files/normshield_all_ddosbot.ipset"
"https://blocklist.greensnow.co/greensnow.txt"
"http://www.cidr-report.org/bogons/freespace-prefix.txt"
"https://raw.githubusercontent.com/eSentire/malfeed/master/crazyerror.su_watch_ip.lst"
"http://www.maxmind.com/en/anonymous_proxies"
"https://iplists.firehol.org/files/maxmind_proxy_fraud.ipset"
"https://iplists.firehol.org/files/spamhaus_drop.netset"
"https://iplists.firehol.org/files/spamhaus_edrop.netset"
"https://iplists.firehol.org/files/yoyo_adservers.ipset"
)
MAXELEM=131072