dnutan
December 16, 2018, 6:24pm
2
There were some instructions on GeoIP blocking and also on blocklists. Haven’t tested myself if these methods are up to date, but @filippo_carletti , @jackyes , @bwdjames and other members used them:
Added 2 more blocklist:
EmergingThreats.net Command and Control IPs
EmergingThreats.net compromised hosts
Updated script on the first post.
For those interested in a better way to crate a blocklist on centos/debian take a look at:
i wrote this script using ipset and iprange to compact the resulting blocklist as possible in order to increase the performance, i think can be easily adapted on nethserver (may be the next update
@Jclendineng Apologies for taking so long to ping you the following details, been rather busy lately with school holidays and work.
I have a file call /etc/shorewall/ipsets which contains the following:
create blockipsnets hash:net family inet hashsize 16384 maxelem 65536
create blockips hash:net family inet hashsize 262144 maxelem 524288
create whitelistips hash:ip family inet hashsize 1024 maxelem 65536
Once you have created that file with those entries, run the following command to cre…