IPF blacklist
I made a little program called ipf-blacklist that grabs the blacklists from Wizcrafts and parses the IP nets into my ipf.rules file and then reloads the firewall. The blacklists from Wizcraft contains well known ip nets with spammers, scammers and hackers. Since the lists gets updated every now and then I can now just add this program to crontab and know that I have the recent lists active and up to date.
The only things needed are that you start your ipf.rules with ‘/sbin/ipf -Fa -f – << EOF‘ and that you add ‘# START BLACKLIST‘ and ‘# END BLACKLIST‘ where you want it to go in your ipf.rules. Also don’t forget to change the block line in the script to match what you have and the position where it’s at, especially if you use the group feature of ipf.
Future plans would be to add more flexibility to it and more configurable options. I even might make a all-in-one kind of deal so everything is done from the program itself. Well, I’ll see if I get round doing it…
No comments yet.