Add lists

2024-02-12 12:28:12 -05:00 · 2024-02-12 12:28:12 -05:00 · 6c5e668d76
commit 6c5e668d76
11 changed files with 246 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,29 @@
+# CollabNet IP Blocklists
+
+## How to use
+To use these lists, first clone them to the nftables.d directory like this:
+`sudo git clone https://git.computernewb.com/collabvm/nftables /etc/nftables.d`
+
+then, make the following changes to `/etc/nftables.conf`:
+
+Add this below `flush ruleset` at the top of the file:
+```
+include "/etc/nftables.d/blocklist.nft"
+```
+
+Add this below `table inet filter {`:
+```
+        set blocklist {
+          type ipv4_addr
+          flags interval
+          elements = { $blocklist }
+        }
+```
+
+Add this after `udp dport 443 log prefix "Dropped (UDP/443): " drop` within `chain noforward {`:
+```
+                meta iifname $LAN ip daddr @blocklist log prefix "Dropped (BLOCKED IP): " drop
+                meta iifname $LAN ip saddr @blocklist log prefix "Dropped (BLOCKED IP): " drop
+```
+
+Reload nftables: `sudo nft -f /etc/nftables.conf`
--- a/blocklist.nft
+++ b/blocklist.nft
@ -0,0 +1,199 @@
+include "/etc/nftables.d/vpn/vpn_windscribe.nft"
+include "/etc/nftables.d/vpn/vpn_actmobile.nft"
+include "/etc/nftables.d/vpn/vpn_proton.nft"
+include "/etc/nftables.d/vpn/vpn_vpngate.nft"
+include "/etc/nftables.d/vpn/vpn_psiphon.nft"
+include "/etc/nftables.d/vpn/vpn_rusvpn.nft"
+include "/etc/nftables.d/vpn/vpn_tor.nft"
+include "/etc/nftables.d/remote/remote_dwservice.nft"
+
+define blocklist = {
+        $windscribe,
+	$actmobile,
+	$proton,
+	$vpngate,
+	$psiphon,
+	$rusvpn,
+	$dwservice,
+	$tor,
+	$torbridges,
+        103.95.198.212,
+        104.149.148.62,
+        107.182.226.124,
+        108.62.132.153,
+        123.60.154.97,
+        139.99.61.96,
+        163.172.155.103,
+        163.172.163.112,
+        173.234.234.27,
+        198.98.50.92,
+        198.98.51.237,
+        198.98.56.229,
+        199.195.253.116,
+        207.244.90.212,
+        209.141.36.22,
+        209.141.46.76,
+        209.141.56.250,
+        209.141.59.208,
+        209.25.140.0/22,
+        34.174.180.75,
+        45.79.102.4,
+        46.147.175.250,
+        51.15.114.8,
+        51.15.140.167,
+        51.15.47.229,
+        51.15.84.114,
+        51.158.112.253,
+        51.158.186.147,
+        51.161.32.187,
+        51.161.32.254,
+        51.195.47.140,
+        51.195.47.141,
+        51.79.164.211,
+        65.111.173.161,
+        75.4.61.28,
+	69.39.237.97,
+	142.234.200.226,
+	173.208.96.131,
+	142.234.200.225,
+	178.128.145.49,
+	198.199.125.212,
+	74.63.227.196,
+	51.158.234.221,
+	37.205.14.78,
+	#AS PLAYIT-GG
+	23.133.216.0/24,
+	147.185.221.0/24,
+	209.25.140.0/22,
+	34.86.232.203,
+	35.224.116.12,
+	66.94.116.206,
+	45.55.44.61,
+	159.89.89.95,
+	143.244.146.245,
+	159.223.185.191,
+	159.203.157.30,
+	104.131.166.123,
+	104.131.7.128,
+	167.71.105.1,
+	24.199.65.217,
+	68.183.112.23,
+	144.126.251.210,
+	104.248.106.77,
+	128.199.18.167,
+	13.52.139.55,
+	137.184.240.89,
+	138.197.166.84,
+	138.68.115.208,
+	139.180.171.244,
+	139.59.130.134,
+	139.59.219.11,
+	139.59.219.224,
+	139.59.54.202,
+	142.93.106.153,
+	142.93.146.133,
+	142.93.40.224,
+	143.198.180.43,
+	143.198.22.59,
+	143.198.241.43,
+	143.244.201.155,
+	143.244.214.213,
+	144.126.242.159,
+	144.126.252.19,
+	146.190.194.247,
+	146.190.200.8,
+	146.190.9.187,
+	157.245.131.165,
+	157.245.27.172,
+	159.203.162.246,
+	159.223.100.222,
+	159.223.242.2,
+	159.65.213.114,
+	161.35.25.128,
+	161.35.250.249,
+	165.227.200.64,
+	167.172.1.125,
+	167.71.14.211,
+	167.99.132.28,
+	167.99.19.124,
+	174.138.102.231,
+	174.138.109.232,
+	174.138.5.99,
+	178.128.233.149,
+	178.128.31.178,
+	185.244.130.59,
+	191.96.70.204,
+	207.154.208.62,
+	208.85.17.183,
+	216.218.219.100,
+	216.218.219.109,
+	217.69.0.157,
+	217.69.2.214,
+	45.32.244.204,
+	45.76.221.226,
+	45.77.14.34,
+	46.101.33.84,
+	64.225.95.5,
+	65.20.99.69,
+	67.207.75.213,
+	70.34.249.108,
+	70.34.254.107,
+	104.236.4.192,
+	134.209.205.126,
+	138.197.174.13,
+	138.197.56.29,
+	138.197.57.69,
+	142.93.77.98,
+	143.110.251.222,
+	143.198.190.123,
+	143.244.222.78,
+	146.190.10.132,
+	146.190.188.139,
+	146.190.4.63,
+	147.182.144.141,
+	159.203.148.217,
+	159.223.179.125,
+	159.223.2.172,
+	159.65.210.125,
+	159.65.242.72,
+	159.89.251.11,
+	161.35.109.42,
+	161.35.3.82,
+	164.90.213.211,
+	165.22.111.65,
+	165.227.248.112,
+	167.172.171.126,
+	167.71.56.186,
+	174.138.113.142,
+	178.62.112.111,
+	184.105.144.20,
+	206.81.14.23,
+	217.69.10.112,
+	45.32.144.43,
+	45.32.22.248,
+	45.55.121.128,
+	45.55.99.183,
+	45.63.24.166,
+	45.76.126.118,
+	46.101.130.211,
+	46.101.68.109,
+	64.227.142.113,
+	65.20.99.34,
+	68.183.154.91,
+	52.53.84.202,
+	52.8.173.173,
+	178.249.213.39,
+	222.255.11.117,
+	109.111.243.206,
+	146.70.205.6,
+	173.198.248.39,
+	217.229.108.168,
+	84.62.23.116,
+	52.220.121.212,
+	79.133.56.107,
+	185.83.70.162,
+	71.19.249.191,
+	185.185.68.50,
+	199.229.252.121,
+	86.162.6.84,
+}
--- a/remote/remote_dwservice.nft
+++ b/remote/remote_dwservice.nft
@ -0,0 +1 @@
+define dwservice = { 84.234.96.36 }
--- a/update.sh
+++ b/update.sh
@ -0,0 +1,4 @@
+#!/bin/bash
+cd "$(dirname "$0")"
+git pull
+nft -f /etc/nftables.conf
--- a/vpn/vpn_actmobile.nft
+++ b/vpn/vpn_actmobile.nft
--- a/vpn/vpn_proton.nft
+++ b/vpn/vpn_proton.nft
--- a/vpn/vpn_psiphon.nft
+++ b/vpn/vpn_psiphon.nft
--- a/vpn/vpn_rusvpn.nft
+++ b/vpn/vpn_rusvpn.nft
--- a/vpn/vpn_tor.nft
+++ b/vpn/vpn_tor.nft
--- a/vpn/vpn_vpngate.nft
+++ b/vpn/vpn_vpngate.nft
--- a/vpn/vpn_windscribe.nft
+++ b/vpn/vpn_windscribe.nft