Description


iptables Blocklist Importer


iptables Blocklist Importer is a handy Python program that helps you quickly take P2P-style IP range block lists and import them into your iptables chain. It's super efficient!



Setting Up Your Firewall


First off, create an empty chain in your iptables firewall called BadRanges. If you like, you can tweak the code to use a different name! Then add a reference to the chain from your INPUT and/or FORWARD chains. If you're using this on a single computer that isn't acting as a router, you won't need an entry in FORWARD. Here's what I'm using:


iptables -N BadRanges
iptables -I INPUT -i eth0 -m state --state NEW,RELATED -j BadRanges
iptables -I FORWARD -i eth0 -m state --state NEW,RELATED -j BadRanges

The commands above assume your external network adapter is named eth0. This setup checks all new incoming connections or packets related to existing ones against the BadRanges list. Don't worry; it won't filter outbound packets, so you can still access websites hosted by IP ranges you don't want connecting back.



Saving Your Settings


Now that the entries are set up, save your iptables settings. On Fedora, you can do this by running: iptables-save > /etc/sysconfig/iptables. Saving at this point does not change how your firewall behaves, because the BadRanges chain is still empty.



Using the Python Script


Your next step is to copy iptables-blocklist.py into /usr/local/libexec. This script converts the list into iptables-restore format. Also, install zzz-badrangeupdate in either /etc/cron.daily or /etc/cron.weekly so that the list is updated regularly.



Your Cron Script Explained


The cron script uses wget to download a zipped list of blocked IP ranges, but only if the list has changed since the last run. Once downloaded, it unzips the list and compares it with the previous version, purely for reference, to show what has changed. The unzipped text list of IP ranges is then processed by iptables-blocklist.py, which turns the ranges into subnets (some ranges may not fit perfectly). The final sorted list is output in iptables-restore format and replaces the old BadRanges chain with the new one instantly!
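
The conversion step described above, as an added example that is not the project's own iptables-blocklist.py: it parses P2P-style "label:start-end" lines, covers each range exactly with one or more CIDR subnets (which may differ from how the project's script treats ranges that do not fit), and renders an iptables-restore ruleset for BadRanges. The sample list, the function names and the DROP target are assumptions made for the example.

```python
import ipaddress

# Constructed sample in P2P text format: "label:start-end" (documentation IPs).
SAMPLE_P2P = """\
# constructed sample list, not real blocklist data
Example Net A:192.0.2.0-192.0.2.255
Example: Net B:198.51.100.10-198.51.100.20
Overlap of A:192.0.2.128-192.0.2.200
this line is malformed
Reversed:203.0.113.9-203.0.113.1
"""

def parse_p2p(text):
    """Yield (start, end) IPv4Address pairs; skip comments and bad lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Labels may contain ':', so the range is whatever follows the last one.
        _, sep, rng = line.rpartition(":")
        start, dash, end = rng.partition("-")
        if not sep or not dash:
            continue
        try:
            lo = ipaddress.IPv4Address(start.strip())
            hi = ipaddress.IPv4Address(end.strip())
        except ipaddress.AddressValueError:
            continue
        if lo <= hi:  # a reversed range is treated as corrupt input
            yield lo, hi

def ranges_to_subnets(ranges):
    """Cover every range exactly with CIDR blocks, then merge and sort."""
    nets = []
    for lo, hi in ranges:
        nets.extend(ipaddress.summarize_address_range(lo, hi))
    return sorted(ipaddress.collapse_addresses(nets))

def to_restore(subnets, chain="BadRanges", target="DROP"):
    """Render an iptables-restore ruleset for one chain (target is assumed)."""
    lines = ["*filter", f":{chain} - [0:0]"]
    lines += [f"-A {chain} -s {net} -j {target}" for net in subnets]
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(to_restore(ranges_to_subnets(parse_p2p(SAMPLE_P2P))), end="")
```

Loaded with iptables-restore --noflush, output of this shape flushes and refills only the declared BadRanges chain in a single commit, leaving the rest of the ruleset untouched. Whether the project's cron script loads it this way is not stated on the page.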


User Reviews for iptables blocklist importer FOR LINUX (7)

  • iptables blocklist importer FOR LINUX efficiently imports P2P-style IP range block lists to iptables, enhancing firewall security. Highly recommended for network protection.
    Alice Jones
  • This app is a game changer! It makes managing IP block lists so much easier and efficient. Highly recommend!
    Alex Johnson
  • Absolutely love this app! The installation was straightforward, and the automatic updates save me so much time.
    Samantha Lee
  • Fantastic tool for anyone needing to manage IP ranges in iptables. The cron job setup is super handy!
    Michael Smith
  • I can't believe how easy this made my firewall management! The parsing of block lists is seamless.
    Jessica Brown
  • Five stars for simplicity and effectiveness! This app has streamlined my network security process tremendously.
    David Wilson
  • Highly efficient and user-friendly! I appreciate how it keeps my iptables updated with minimal effort.
    Emily Davis



© Copyright 2024, SoftPas, All Rights Reserved.