CollabNet IP Blocklists
How to use
To use these lists, first clone the repository into the /etc/nftables.d directory:
sudo git clone https://git.computernewb.com/collabvm/nftables /etc/nftables.d
Then make the following changes to /etc/nftables.conf:
Add this below flush ruleset at the top of the file:
include "/etc/nftables.d/blocklist.nft"
Add this below table inet filter {:
set blocklist {
    type ipv4_addr
    flags interval
    elements = { $blocklist }
}
Add this after udp dport 443 log prefix "Dropped (UDP/443): " drop within chain noforward {:
meta iifname $LAN ip daddr @blocklist log prefix "Dropped (BLOCKED IP): " drop
meta iifname $LAN ip saddr @blocklist log prefix "Dropped (BLOCKED IP): " drop
Reload nftables: sudo nft -f /etc/nftables.conf
Configuring automated updates
To automatically update these lists, add the following to root's crontab (sudo crontab -e):
0 * * * * /etc/nftables.d/update.sh >/dev/null 2>&1
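
A sanity check that can be run on blocklist.nft before reloading nftables, flagging malformed entries and entries that would make the two @blocklist rules drop LAN traffic wholesale (an added example, not part of this repository). It assumes the file defines the variable as define blocklist = { ... } with comma-separated IPv4 addresses, prefixes or a-b ranges; the function names, the sample data and the /8 width limit are made up for illustration.

```python
import ipaddress
import re

# Constructed sample in the assumed format (documentation ranges, not real list data).
SAMPLE = """
define blocklist = {
    198.51.100.0/24, 203.0.113.7, 192.0.2.10-192.0.2.20,
    10.0.0.0/8, 0.0.0.0/0, 203.0.113.999,
}
"""

MIN_PREFIX = 8  # assumption: anything wider than a /8 is treated as a mistake
# Ranges LAN hosts normally sit in. An entry overlapping one of these would match
# "ip saddr @blocklist" for LAN clients and drop their forwarded traffic.
LOCAL = [ipaddress.IPv4Network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def parse_elements(text):
    """Return the raw elements of `define blocklist = { ... }`."""
    text = re.sub(r"#.*", "", text)  # drop nft comments
    m = re.search(r"define\s+blocklist\s*=\s*\{(.*?)\}", text, re.S)
    if not m:
        raise ValueError("no 'define blocklist = { ... }' found")
    return [e.strip() for e in m.group(1).split(",") if e.strip()]

def to_networks(element):
    """Convert an address, a prefix or an a-b range to IPv4Network objects."""
    if "-" in element:
        lo, hi = (ipaddress.IPv4Address(p.strip()) for p in element.split("-", 1))
        return list(ipaddress.summarize_address_range(lo, hi))
    return [ipaddress.IPv4Network(element, strict=True)]

def check_blocklist(text):
    """Return (element, problem) pairs; an empty list means nothing was flagged."""
    problems = []
    for element in parse_elements(text):
        try:
            nets = to_networks(element)
        except ValueError as exc:  # bad octet, host bits set, reversed range
            problems.append((element, f"invalid: {exc}"))
            continue
        for net in nets:
            if net.prefixlen < MIN_PREFIX:
                problems.append((element, f"broader than /{MIN_PREFIX}"))
            elif any(net.overlaps(local) for local in LOCAL):
                problems.append((element, "overlaps a private or local range"))
    return problems

if __name__ == "__main__":
    for element, problem in check_blocklist(SAMPLE):
        print(f"{element}: {problem}")
```
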