|
|
@@ -30,12 +30,30 @@ Not yet released.
|
|
|
|
|
|
## IPset Blacklists
|
|
|
|
|
|
-OpenAdmin Firewall now allows Administrators to add blacklists and block all IP addresses from them.
|
|
|
+OpenAdmin Firewall now allows Administrators to easily add blacklists to block IP addresses from known malicious sources.
|
|
|
|
|
|
-This feature uses [ipset-blacklist service](https://github.com/stefanpejcic/ipset-blacklist) to automatically fetch ip addresses from configured blacklists and modify UFW.
|
|
|
+This feature uses the [ipset-blacklist service](https://github.com/stefanpejcic/ipset-blacklist) automating the process of fetching and blocking IPs. It's a simple yet effective way to enhance system security without manual hassle.
|
|
|
|
|
|
|
|
|
|
|
|
+Default blacklists:
|
|
|
+
|
|
|
+| Name | URL |
|
|
|
+|-----------------|----------------------------------------------------------------------|
|
|
|
+| abuseipdb (DISABLED) | [https://api.abuseipdb.com/api/v2/blacklist](https://api.abuseipdb.com/api/v2/blacklist) |
|
|
|
+| openpanel (DISABLED) | [https://api.openpanel.co/blocklist.txt](https://api.openpanel.co/blocklist.txt) |
|
|
|
+| spamhaus_drop | [https://www.spamhaus.org/drop/drop.lasso](https://www.spamhaus.org/drop/drop.lasso) |
|
|
|
+| spamhaus_edrop | [https://www.spamhaus.org/drop/edrop.lasso](https://www.spamhaus.org/drop/edrop.lasso) |
|
|
|
+| dshield | [https://www.dshield.org/feeds/suspiciousdomains_Low.txt](https://www.dshield.org/feeds/suspiciousdomains_Low.txt) |
|
|
|
+| firehol_level1 | [https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset](https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset) |
|
|
|
+| firehol_level2 | [https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset](https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset) |
|
|
|
+| firehol_level3 | [https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset](https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset) |
|
|
|
+| firehol_level4 | [https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset](https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset) |
|
|
|
+| binarydefense | [https://www.binarydefense.com/banlist.txt](https://www.binarydefense.com/banlist.txt) |
|
|
|
+| blocklist_de | [https://lists.blocklist.de/lists/all.txt](https://lists.blocklist.de/lists/all.txt) |
|
|
|
+
|
|
|
+Administrators can add additional blacklists.
|
|
|
+
|
|
|
New opencli commands are also available:
|
|
|
|
|
|
- Download new IP addresses for all enabled blocklists:
|
Stefan Pejcic