CollabNet IP Blocklists
How to use
To use these lists, first clone them to the nftables.d directory like this:
    sudo git clone https://git.computernewb.com/collabvm/nftables /etc/nftables.d
Then make the following changes to `/etc/nftables.conf`:
Add this below `flush ruleset` at the top of the file:

    include "/etc/nftables.d/blocklist.nft"
Add this below `table inet filter {`:

    set blocklist {
        type ipv4_addr
        flags interval
        elements = { $blocklist }
    }
Add this after `udp dport 443 log prefix "Dropped (UDP/443): " drop` within `chain noforward {`:

    meta iifname $LAN ip daddr @blocklist log prefix "Dropped (BLOCKED IP): " drop
    meta iifname $LAN ip saddr @blocklist log prefix "Dropped (BLOCKED IP): " drop
Reload nftables: `sudo nft -f /etc/nftables.conf`
Configuring automated updates
To automatically update these lists, add the following to root's crontab (`sudo crontab -e`):

    0 * * * * /etc/nftables.d/update.sh >/dev/null 2>&1
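
Because `include` makes nft parse every statement in the included file, an hourly-refreshed blocklist is worth validating before each reload. The following is an added example, not part of the CollabNet repository: the function names are hypothetical and the `define blocklist = { ... }` layout of `blocklist.nft` is an assumption inferred from `elements = { $blocklist }`.

```shell
#!/bin/sh
# Added example. Assumed file format (inferred, not shown on the page):
#   define blocklist = { 192.0.2.0/24, 198.51.100.7, ... }   ("#" comments allowed)

# check_blocklist FILE: succeed only if FILE holds nothing but that one
# definition and every element is an IPv4 address, CIDR prefix or range.
check_blocklist() {
    [ -s "$1" ] || return 1
    awk '
        function ipv4(a,   o, i) {
            if (split(a, o, ".") != 4) return 0
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9][0-9]?[0-9]?$/ || o[i] + 0 > 255) return 0
            return 1
        }
        function elem(e,   p) {
            if (index(e, "/"))   # CIDR prefix
                return split(e, p, "/") == 2 && ipv4(p[1]) &&
                       p[2] ~ /^[0-9][0-9]?$/ && p[2] + 0 <= 32
            if (index(e, "-"))   # address range
                return split(e, p, "-") == 2 && ipv4(p[1]) && ipv4(p[2])
            return ipv4(e)
        }
        { sub(/#.*/, ""); text = text " " $0 }   # drop comments, join lines
        END {
            # Nothing may precede "define" or follow the closing brace.
            if (text !~ /^[ \t]*define[ \t]+blocklist[ \t]*=[ \t]*[{].*[}][ \t]*$/)
                exit 1
            sub(/^[^{]*[{]/, "", text); sub(/[}][ \t]*$/, "", text)
            gsub(/[ \t]+/, "", text)
            n = split(text, e, ",")
            if (n > 1 && e[n] == "") n--          # tolerate a trailing comma
            if (n < 1) exit 1
            for (i = 1; i <= n; i++) if (!elem(e[i])) exit 1
            exit 0
        }' "$1"
}

# reload_if_valid: syntax-check the whole ruleset with nft -c before loading.
reload_if_valid() {
    check_blocklist /etc/nftables.d/blocklist.nft || return 1
    nft -c -f /etc/nftables.conf && nft -f /etc/nftables.conf
}

# Constructed sample using documentation addresses, not real list data.
sample=$(mktemp)
printf 'define blocklist = {\n  192.0.2.0/24, # test net\n  198.51.100.7\n}\n' >"$sample"
check_blocklist "$sample" && echo "sample accepted"
rm -f "$sample"
```

`reload_if_valid` needs root and a working `nft`; a failed check leaves the currently loaded ruleset in place.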