First Level Protection with IPv64.net
With IPv64.net you can effectively protect your systems and infrastructures against various attacks from the Internet.
The IPv64.net blocklists can be easily integrated into many different systems and actively used. Simply use these instructions to integrate them into your systems or infrastructure.
All commands and integration help provided here have been checked and validated, but may still have a negative effect on your system. Therefore, try out these commands in a test environment beforehand or make sure that you have a valid backup.
A "pf solution" is very often used as a firewall. pfSense provides the market with an outstanding product in the form of its firewall solution and, if desired, even offers a community version free of charge.
A "pf solution" is very often used as a firewall. OPNsense provides the market with an outstanding product in the form of its firewall solution and, if desired, even offers a community version free of charge.
iptables is a common way to block IP addresses and subnets effectively. We use the "ipset" command to create IP lists. You may need to install the ipset package with "apt install ipset".
What is this script doing?
This script is a bash script that downloads a list of IP addresses and subnets from a given URL, stores them in an ipset list, and then creates an iptables rule to block traffic from those IP addresses and subnets.
#!/bin/bash
# Stop on the first failed command so a failed download never touches the firewall
set -euo pipefail
# URL from which to download the IP addresses and subnets
URL="https://ipv64.net/blocklists/ipv64_blocklist_blocklistde_all.txt"
# Name of the ipset list
IPSET_LIST="blocked_ips"
# File to store the downloaded IP addresses and subnets (unpredictable name, removed on exit)
IP_LIST_FILE="$(mktemp /tmp/ip_list.XXXXXX)"
trap 'rm -f "$IP_LIST_FILE"' EXIT
# Download the IP addresses and subnets from the URL and save them to the file
# (-f makes curl fail on HTTP errors instead of saving an error page)
curl -fsS "$URL" -o "$IP_LIST_FILE"
# Create the ipset list if it doesn't exist
ipset create "$IPSET_LIST" hash:net -exist
# Empty the list to update it; a set that an iptables rule references cannot be destroyed
ipset flush "$IPSET_LIST"
# Read IP addresses and subnets from the file and add them to the ipset list
while IFS= read -r line; do
    # Skip empty lines and comment lines
    [[ -z "$line" || "$line" == \#* ]] && continue
    ipset add "$IPSET_LIST" "$line" -exist || echo "Skipping invalid entry: $line" >&2
done < "$IP_LIST_FILE"
# Create the iptables rule to block traffic from the ipset list, unless it already exists
if ! iptables -C INPUT -m set --match-set "$IPSET_LIST" src -j DROP 2>/dev/null; then
    iptables -A INPUT -m set --match-set "$IPSET_LIST" src -j DROP
fi
# Save the iptables rules
iptables-save > /etc/iptables/rules.v4
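A variant of the update step, as an added example that is not part of the original IPv64.net instructions: it validates every line of the downloaded list and writes "ipset restore" commands that fill a staging set and swap it into blocked_ips, so the live set is never empty during an update and a broken download cannot replace it. The staging set name, the MIN_PREFIX limit and the --apply argument are assumptions of this example.

```shell
#!/bin/sh
SET="blocked_ips"        # set name used by the script above
TMP_SET="${SET}_new"     # staging set (hypothetical name)
MIN_PREFIX=8             # assumption: never load a network broader than /8
CR=$(printf '\r')

# valid_entry ENTRY: succeeds only for an IPv4 address or CIDR we accept
valid_entry() {
    case "$1" in ''|*[!0-9./]*) return 1 ;; esac      # only digits, dots, slash
    addr=${1%%/*}
    prefix=32
    case "$1" in */*) prefix=${1#*/} ;; esac
    case "$prefix" in ''|???*|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -ge "$MIN_PREFIX" ] && [ "$prefix" -le 32 ] || return 1
    case "$addr" in .*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                                      # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# build_restore: blocklist on stdin, "ipset restore" commands on stdout.
# Returns 1 and omits the swap when no valid entry was found, so an empty
# or broken download never replaces the live set.
build_restore() {
    count=0
    echo "create $TMP_SET hash:net"
    echo "flush $TMP_SET"
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%"$CR"}                            # tolerate CRLF line endings
        if valid_entry "$line"; then
            echo "add $TMP_SET $line"
            count=$((count + 1))
        fi
    done
    [ "$count" -gt 0 ] || return 1
    echo "create $SET hash:net"
    echo "swap $TMP_SET $SET"
    echo "destroy $TMP_SET"
}

# Usage (as root): sh ipv64-update.sh --apply /path/to/downloaded_list.txt
if [ "${1:-}" = "--apply" ]; then
    build_restore < "$2" | ipset -exist restore
fi
```

The iptables rule keeps matching on blocked_ips throughout, because "swap" exchanges the contents of the two sets rather than replacing the set the rule refers to.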
You can use this list just as easily with a MikroTik router/firewall. In this case we simply use a MikroTik script that adds the IPv64 blocklist to a firewall address list. The script does this fully automatically for you.
Click on System -> Scripts -> Button
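:local url "https://ipv64.net/blocklists/ipv64_blocklist_blocklistde_all.txt"
:local fileName "ipv64_blocklist_blocklistde_all.txt"
:local listName "IPv64-Blocklist"
# Download the contents from the URL (the URL is HTTPS, so use mode=https)
/tool fetch url=$url mode=https dst-path=$fileName
:local fileContents [/file get [/file find name=$fileName] contents]
:local contentLen [:len $fileContents]
:local lineStart 0
# Extract the IP addresses line by line (:toarray splits on commas, not on newlines)
# and add them to the firewall address list
:while ($lineStart < $contentLen) do={
    :local lineEnd [:find $fileContents "\n" ($lineStart - 1)]
    :if ([:typeof $lineEnd] = "nil") do={ :set lineEnd $contentLen }
    :local ip [:pick $fileContents $lineStart $lineEnd]
    # Skip empty lines; on-error keeps going when an entry already exists
    :if ([:len $ip] > 0) do={
        :do { /ip firewall address-list add address=$ip list=$listName } on-error={}
    }
    :set lineStart ($lineEnd + 1)
}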
The filter rule only needs to be added once; after that, every address in the IP list is blocked.
ip firewall filter add action=drop src-address-list=IPv64-Blocklist chain=input