1

I'd like to block all ips of all datacenters in the world with this list: https://github.com/client9/ipcat

But I don't know how to use that list, I'd like a bash script that checks if there's an update every day (or use the GitHub webhook for changes :D) and add IPTable rules for all the ips that will drop the connection of these said ips :)

I only need to know how I would use the ipcat list to block the ips with IPTables

Thanks in advance :)

  • Hi there, this is more a system administration question. I'll start the migration process, so just sit tight. In the meantime, how's this to get you started? https://www.linuxquestions.org/questions/linux-security-4/iptables-external-file-of-bad-ips-526490/ – Ohnana Apr 07 '16 at 15:53
  • @Ohnana Thank you for that link, but how would I implement that with this .csv file? https://raw.githubusercontent.com/client9/ipcat/master/datacenters.csv –  Apr 07 '16 at 18:04
  • Iptables supports range format. So you could process the csv file with a script that would process the data into a usable format. – Ohnana Apr 07 '16 at 18:08
  • @Ohnana I litterally have no idea how to do that :$, I did know IPTables supports ranges but howw would I implement that in a bash script? –  Apr 07 '16 at 18:15
  • 2
    Honestly, I would use Python. Great CSV library and easy to use. Then, to do the iptables commands, use a SHELL or SYSTEM call (can't remember which one it is). Of course, if you do not know how to write python or program, that is a question for the internet ;) – Ohnana Apr 07 '16 at 18:22
  • I agree with @ohnana, except that I'd use ipsets as I think it would be easier to maintain (and would probably have better performance for such a dataset). – user2313067 Apr 07 '16 at 21:39

0 Answers0