userdoc:tt_firewall_external_block_list

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
userdoc:tt_firewall_external_block_list [2019/08/23 10:47]
abelbeck [Updating *.netset Blocklists]
userdoc:tt_firewall_external_block_list [2021/10/15 14:46] (current)
abelbeck [Updating *.netset Blocklists]
Line 10: Line 10:
  
 !!Note: AstLinux 1.3.7!! updated ''reload-blocklist-netset'' with ''asterisk'', ''custom'' and ''customv6'' netsets. !!Note: AstLinux 1.3.7!! updated ''reload-blocklist-netset'' with ''asterisk'', ''custom'' and ''customv6'' netsets.
 +
 +!!Note: AstLinux 1.4.4!! updated ''reload-blocklist-netset'' with ''apiban'' netset.
 ===== Enable *.netset Blocklists ===== ===== Enable *.netset Blocklists =====
  
Line 43: Line 45:
   arno-iptables-firewall force-reload   arno-iptables-firewall force-reload
  
 +\\
 !!Note: AstLinux 1.3.7 or later!! adds support for new netsets: ''asterisk'', ''custom'' and ''customv6''. !!Note: AstLinux 1.3.7 or later!! adds support for new netsets: ''asterisk'', ''custom'' and ''customv6''.
  
Line 50: Line 53:
  
 !!Tip ->!! The ''custom'' netset will use ''iprange'' to aggregate IPs and look up DNS if needed. !!Tip ->!! The ''custom'' netset will use ''iprange'' to aggregate IPs and look up DNS if needed.
 +
 +For example, you can create you own ''custom'' blocklist using [[https://abuse.ch/|abuse.ch]] blocklists:
 +
 +  # 'custom' Blocklist by https://abuse.ch/
 +  BLOCKLIST_CUSTOM_URLS="
 +  https://feodotracker.abuse.ch/downloads/ipblocklist.txt
 +  https://sslbl.abuse.ch/blacklist/sslipblacklist.txt
 +  "
 +
 +!!Warning ->!! Don't miss the closing double-quote.
 +
 +This variable can be added directly into the ''/mnt/kd/rc.conf.d/user.conf'' file, or edited via the Network tab -> Advanced Configuration: User System Variables.
 +
 +In order to apply ''user.conf'' settings changes, using the Edit tab:
 +
 +{{:userdoc:edit-tab-reload-restart-apply.png?nolink|Apply user.conf variables}}
 +
 +Or use the CLI command:
 +
 +  gen-rc-conf
 +
 +\\
 +!!Note: AstLinux 1.4.4 or later!! adds support for a new netset: ''apiban''.
 +
 +''apiban'' -> REST API for sharing IP addresses sending unwanted SIP traffic. Requires an API Key via https://apiban.org/.\\
 +
 +After receiving your API Key via email, copy it to a newly created ''/mnt/kd/apiban.conf'' file.
 \\ \\
 ===== File format for  *.netset Files ===== ===== File format for  *.netset Files =====
  • userdoc/tt_firewall_external_block_list.1566575223.txt.gz
  • Last modified: 2019/08/23 10:47
  • by abelbeck