Skip to content
/ ufw-bots Public

List of datacenter IPs to block and script to automate it.

License

MIT license
16 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

brahma-dev/ufw-bots

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,470 Commits
.github/workflows
.github/workflows
 
 
files
files
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

ufw-bots

Script to automatically block IPs from datacenter ASNs (https://github.com/brianhama/bad-asn-list)

I have excluded the following ASNs from the above list

List of IPs is available at files/ipv4.txt and files/ipv6.txt and files/combined.txt

A bash script for ufw is available at files/ufw.sh

A bash script for iptables is available at files/iptables.sh. Requires ipset and pv to be installed.

>> The lists/files are automatically updated every 6 hours.

You can download the latest script using the following commands.

Manually download the script and run

UFW

wget https://raw.githubusercontent.com/brahma-dev/ufw-bots/master/files/ufw.sh
cat ufw.sh
chmod +x ufw.sh
sudo ./ufw.sh

IPTABLES

wget https://raw.githubusercontent.com/brahma-dev/ufw-bots/master/files/iptables.sh
cat iptables.sh
chmod +x iptables.sh
sudo ./iptables.sh

One-Step

Piping to bash is controversial, as it prevents you from reading code that is about to run on your system. Not recommended. Only use it if you know what you're doing. Run it frequently to have the latest IPs.

UFW

curl -sL https://raw.githubusercontent.com/brahma-dev/ufw-bots/master/files/ufw.sh | sudo -E bash -

IPTABLES

curl -sL https://raw.githubusercontent.com/brahma-dev/ufw-bots/master/files/iptables.sh | sudo -E bash -

Uninstall

In case you want to remove the firewall rules created by this script

UFW

echo "Clearing old ipv4 rules"
sudo sed -z -i.bak.old -u "s/### tuple.* comment=7566772d626f7473\n.*DROP//gm" /etc/ufw/user.rules
sudo sed -i 'N;/^\n$/d;P;D' /etc/ufw/user.rules

echo "Clearing old ipv6 rules"
sudo sed -z -i.bak.old -u "s/### tuple.* comment=7566772d626f7473\n.*DROP//gm" /etc/ufw/user6.rules
sudo sed -i 'N;/^\n$/d;P;D' /etc/ufw/user6.rules

IPTABLES

export SET_NAME="brahma_iplist"
echo "Clearing iptable rules"
for i in `seq -w 1 10`; do
sudo iptables -D INPUT -m set --match-set "${SET_NAME}_$i" src -j DROP 2>/dev/null || true;
sudo ipset -X "${SET_NAME}_$i"
done

This will print warning that The set with the given name does not exist. It can be safely ignored.

Help Needed

A script for cronjob that can download the two list of IPs, parse/validate the IPs and update the firewall likewise. I don't happen to have the bash skill/time to pull it off.

About

List of datacenter IPs to block and script to automate it.

Resources

Readme

License

MIT license
Activity

Stars

16 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages