Differences

This shows you the differences between two versions of the page.

--- userdoc:tt_firewall_external_block_list [2016/09/21 07:23]
abelbeck [External sources for Blocklists]
+++ userdoc:tt_firewall_external_block_list [2021/10/15 14:46] (current)
abelbeck [Updating *.netset Blocklists]
@@ Line 8: / Line 8: @@
 !!Note: AstLinux 1.2.8 or later is required!!
+!!Note: AstLinux 1.3.7!! updated ''reload-blocklist-netset'' with ''asterisk'', ''custom'' and ''customv6'' netsets.
+!!Note: AstLinux 1.4.4!! updated ''reload-blocklist-netset'' with ''apiban'' netset.
 ===== Enable *.netset Blocklists =====
@@ Line 29: / Line 33: @@
 Cron may be used to run this script once or twice every day, for example:
-05,15 * * * reload-blocklist-netset /mnt/kd/blocklists firehol_level1 voipbl >/dev/null 2>&1
+05,15 * * * reload-blocklist-netset /mnt/kd/blocklists firehol_level1 firehol_webclient >/dev/null 2>&1
 !!Important ->!! Do not use the cron time schedule as above, make changes so the servers are not hit at the same time.
-In this example, a ''/mnt/kd/blocklists/firehol_level1.netset'' and a ''/mnt/kd/blocklists/voipbl.netset'' file will be created.
+In this example, a ''/mnt/kd/blocklists/firehol_level1.netset'' and a ''/mnt/kd/blocklists/firehol_webclient.netset'' file will be created.
 !!Tip ->!! You must manually create the ''/mnt/kd/blocklists'' directory if it does not exist.
@@ Line 41: / Line 45: @@
   arno-iptables-firewall force-reload
+\\
+!!Note: AstLinux 1.3.7 or later!! adds support for new netsets: ''asterisk'', ''custom'' and ''customv6''.
+''asterisk'' -> Aggregate multiple Asterisk/SIP/VoIP blacklists, including blocklist_de_sip.\\
+''custom'' -> Use variable ''BLOCKLIST_CUSTOM_URLS'' containing one or more (space/newline separated) URLs.\\
+''customv6'' -> Use variable ''BLOCKLIST_CUSTOMV6_URLS'' containing one or more (space/newline separated) URLs.\\
+!!Tip ->!! The ''custom'' netset will use ''iprange'' to aggregate IPs and look up DNS if needed.
+For example, you can create you own ''custom'' blocklist using [[https://abuse.ch/|abuse.ch]] blocklists:
+  # 'custom' Blocklist by https://abuse.ch/
+  BLOCKLIST_CUSTOM_URLS="
+  https://feodotracker.abuse.ch/downloads/ipblocklist.txt
+  https://sslbl.abuse.ch/blacklist/sslipblacklist.txt
+  "
+!!Warning ->!! Don't miss the closing double-quote.
+This variable can be added directly into the ''/mnt/kd/rc.conf.d/user.conf'' file, or edited via the Network tab -> Advanced Configuration: User System Variables.
+In order to apply ''user.conf'' settings changes, using the Edit tab:
+{{:userdoc:edit-tab-reload-restart-apply.png?nolink|Apply user.conf variables}}
+Or use the CLI command:
+  gen-rc-conf
+\\
+!!Note: AstLinux 1.4.4 or later!! adds support for a new netset: ''apiban''.
+''apiban'' -> REST API for sharing IP addresses sending unwanted SIP traffic. Requires an API Key via https://apiban.org/.\\
+After receiving your API Key via email, copy it to a newly created ''/mnt/kd/apiban.conf'' file.
+\\
 ===== File format for  *.netset Files =====
@@ Line 71: / Line 111: @@
-The "voipbl" distributed VoIP blacklist is aimed to protect against VoIP Fraud and minimizing PBX network abuse. Sponsored by ScopServ International.\\
+The "voipbl" distributed VoIP blacklist is aimed to protect against VoIP Fraud and minimizing PBX network abuse. (Dec 2018, not maintained very well anymore, many false positives)\\
 [[http://www.voipbl.org/|VoIP Blacklist]]