-
Notifications
You must be signed in to change notification settings - Fork 386
Home
There is a site for this repo: http://iplists.firehol.org.
In this site we analyze all IP Lists, to find their history, age of IPs included, retention policy, overlaps with other IP lists, etc.
IMPORTANT
You should not use the ipsets in this repo in production systems. YOU SHOULD ALWAYS DOWNLOAD THE IP LISTS DIRECTLY FROM THEIR MAINTAINERS.
update-ipsetscan do this for you! Read on...
Using update-ipsets you can download all the IP lists, in a common format, directly from the maintainers' sites, to your computer.
Read the page Downloading IP Lists to find out how.
update-ipsets has many features, including:
-
downloads all IP lists directly from their maintainers.
-
unzips, extracts and processes the downloaded files to produce a common format for all of them.
-
super easy, you just say "I want this and that",
update-ipsetsdoes the rest. -
if you run an iptables firewall that uses ipsets (like FireHOL), it can update ipsets directly to your computer's kernel, without restarting your firewall. It also optimizes ipsets to allow your firewall have the best possible performance.
-
it can be monitored over the web, using a site exactly the same with http://iplists.firehol.org. Actually, this site is the monitor of my personal
update-ipsetsinstallation. You just need a web server capable of serving static content. No databases or application servers are required. -
it is just a script you run with
cron. No daemons to worry about.