How to Maintain Blacklist for IPTables Automatically

Several sources provide IP blacklists that are free to download; you can use them to plan the blocking policy of your own firewall. Two examples:

  • http://myip.ms/files/blacklist/csf/latest_blacklist.txt
  • http://infiltrated.net/blacklisted

Assume three sources: a locally maintained blacklist at /path/to/blacklist_local, plus the two external sources from the Internet listed above. All of them are combined into a single final blacklist, /path/to/blacklist. The steps:

  1. Create a script that rebuilds the blacklist.
    [root@test ~]# vi /path/to/maintain_blacklist.sh
    #!/bin/bash
    set -u
    WDIR=/path/to
    IPLT=$WDIR/blacklist
    # Build the new list in a temporary file so that a failed run never leaves
    # a half-written /path/to/blacklist behind
    TMP=$(mktemp "$IPLT.XXXXXX") || exit 1

    # Copy the local-maintained blacklist to the new list
    cat "$WDIR/blacklist_local" > "$TMP"

    # Download the blacklists from the Internet and append them;
    # -f makes curl fail on an HTTP error instead of appending the error page
    curl -sf http://myip.ms/files/blacklist/csf/latest_blacklist.txt >> "$TMP"
    curl -sf http://infiltrated.net/blacklisted >> "$TMP"

    # Replace the final blacklist in a single rename
    mv "$TMP" "$IPLT"
  2. Make the script executable.
    [root@test ~]# chmod u+x /path/to/maintain_blacklist.sh
  3. Schedule the job in the crontab.
    [root@test ~]# crontab -e
    0 0 * * * /path/to/maintain_blacklist.sh

    This runs the job once a day, at midnight. The script is executable and has its own shebang, so cron runs it directly; invoking it through sh would ignore the shebang.
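The procedure above as one complete script, added here as an example that is not the original post's code: a hypothetical POSIX shell script that fetches the two sources listed above, keeps the previous copy of a source when its download fails (so a transient outage does not silently shrink the list), keeps only well-formed IPv4 addresses and CIDR blocks (downloaded lists carry comments, CRLF line endings and sometimes an HTML error page, any of which would make iptables reject the file), removes whitelisted entries, deduplicates, and replaces the final file atomically. All paths, the whitelist file, the cache file names and the sample inputs in demo_merged_list are assumptions constructed for the example; update_blacklist is the function cron would call.

```shell
#!/bin/sh
# Hypothetical blacklist builder, added as an example (not the post's own script).
# Paths, the whitelist file and the sample data below are assumptions.

# Keep only well-formed IPv4 addresses or CIDR blocks from stdin: strip CRLF
# line endings, '#' comments and surrounding whitespace, drop everything else
# (hostnames, IPv6, HTML error pages), then deduplicate.
normalize_blacklist() {
    tr -d '\r' |
    sed -e 's/#.*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
    grep -E '^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(/(3[0-2]|[12]?[0-9]))?$' |
    LC_ALL=C sort -u
}

# fetch_source URL DEST: download URL into DEST. -f makes curl fail on an HTTP
# error instead of saving the error page. On failure the previous DEST is kept,
# so a transient outage never silently shrinks the final blacklist.
fetch_source() {
    if curl -fsS --max-time 60 -o "$2.tmp" "$1"; then
        mv "$2.tmp" "$2"
    else
        rm -f "$2.tmp"
        echo "warning: download of $1 failed, keeping previous copy of $2" >&2
        [ -f "$2" ]
    fi
}

# build_blacklist OUT WHITELIST SRC...: merge the sources, remove entries that
# appear in WHITELIST (exact match) and replace OUT in a single rename so a
# concurrent reader never sees a half-written file.
build_blacklist() {
    out=$1; wlfile=$2; shift 2
    tmp=$(mktemp "$out.XXXXXX") || return 1
    wl="$tmp.wl"
    normalize_blacklist < "$wlfile" > "$wl"
    for src in "$@"; do
        [ -r "$src" ] && cat "$src" || echo "warning: skipping unreadable source $src" >&2
    done | normalize_blacklist | grep -v -x -F -f "$wl" > "$tmp"
    rm -f "$wl"
    mv "$tmp" "$out"
}

# What cron would run: refresh the cached copies of the two sources from the
# post, then rebuild the final list. The /path/to/... names are placeholders.
update_blacklist() {
    WDIR=/path/to
    fetch_source http://myip.ms/files/blacklist/csf/latest_blacklist.txt "$WDIR/cache_myip"
    fetch_source http://infiltrated.net/blacklisted "$WDIR/cache_infiltrated"
    build_blacklist "$WDIR/blacklist" "$WDIR/whitelist" \
        "$WDIR/blacklist_local" "$WDIR/cache_myip" "$WDIR/cache_infiltrated"
}

# Offline demonstration on constructed sample inputs (not real blacklist data):
# a local list, a CRLF download containing junk, a second download, a whitelist.
demo_merged_list() {
    dir=$(mktemp -d) || return 1
    printf '# locally maintained entries\n203.0.113.7\n198.51.100.0/24\n' > "$dir/blacklist_local"
    printf '# CRLF download\r\n203.0.113.7\r\n192.0.2.44\r\n999.1.1.1\r\n<html>error page</html>\r\n' > "$dir/src1"
    printf '192.0.2.44\n10.0.0.0/8\n198.51.100.200  # trailing comment\n2001:db8::1\n' > "$dir/src2"
    printf '10.0.0.0/8\n' > "$dir/whitelist"
    build_blacklist "$dir/blacklist" "$dir/whitelist" \
        "$dir/blacklist_local" "$dir/src1" "$dir/src2"
    cat "$dir/blacklist"
    rm -rf "$dir"
}

demo_merged_list
```

The whitelist match is exact: a whitelist entry 10.0.0.0/8 removes that line only, not a narrower 10.1.2.3 that a source happens to list, so whitelist the same form the sources use. IPv6 entries are dropped by normalize_blacklist as written; extend the pattern if a source publishes them and you load the result into ip6tables.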

Next, apply the blacklist in iptables; see my post How to Block Blacklist in IPTables for the details. Two caveats before you automate this: a failed download leaves that source's entries out of the final list until the next run, so check curl's exit status instead of ignoring it; and a list fetched over plain HTTP can be altered in transit, so every address an attacker inserts becomes an address your firewall blocks. Prefer HTTPS where a source offers it, and keep a whitelist of addresses that must never be blocked.