[OpenIndiana-discuss] IP blacklisting tutorial

Andrej Javoršek drejc at ntf.uni-lj.si
Mon Nov 23 15:06:38 UTC 2015


Hello,
not tried by myself (hacked from my working RouterOS scripts), but maybe
adding a (long) line into ippool.conf by script like that would work.
Beware that final list consists of aprox 3500 IPv4 addresses (ranges) and I
have no idea how that will inpact illumos (kernel).

=====SNIP====
#!/bin/bash
#proper dir path here
saveTo=.

wget -q -O - http://feeds.dshield.org/block.txt | grep ^[0-9]| awk '{print
$1 "/24"}' > $saveTo/list.txt
wget -q -O - http://www.spamhaus.org/drop/drop.lasso >> $saveTo/list.txt
wget -q -O - http://www.openbl.org/lists/base_30days.txt.gz | gunzip >>
$saveTo/list.txt
wget -q -O - http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt
>> $saveTo/list.txt

echo "table role = ipf type = tree number = 100 {" > ippool.conf
cat $saveTo/list.txt| awk '!a[$0]++' | awk --posix
'/[2-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\// { print $1 "; "}' | tr
-d "\n" >> $saveTo/ippool.conf
echo "};" >> $saveTo/ippool.conf

cat OTHER_STATIC_IP_POOLS.txt >> $saveTo/ippool.conf
========SNIP=====

Regards
Andrej

On Mon, Nov 23, 2015 at 12:08 PM, Stefan Müller-Wilken <
stefan.mueller-wilken at acando.de> wrote:

> (resending this mail as the previous attempt seems to have been swallowed
> by a filter...)
>
> Dear all,
>
> is there a tutorial on how to make use of standard IP blacklists out
> there? OpenBL, Firehol<http://iplists.firehol.org> and others provide
> pretty useful lists but I couldn't find any decent description on how to
> feed them into IPF...
>
> Cheers
>  Stefan
> ________________________________
>
> Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Gesch?ftsführer:
> Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
> _______________________________________________
> openindiana-discuss mailing list
> openindiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>



-- 

<*img* src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUA

AAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO

9TXL0Y4OHwAAAABJRU5ErkJggg==" alt="Red dot" />


More information about the openindiana-discuss mailing list