SCFW3

Overview

This is a simple script to block known bad addresses. It is meant to be used on top of firewalld.

Use

Place scfw3.sh into /etc/cron.daily/1scfw
- Copy ip-aggregator.py into /usr/local/bin/
  - This is mandatory
- Configure the lists you want enabled at the top of it
Place trash.sh into /etc/cron.hourly/2trash
chmod +x both of them
Enjoy!

Known Issues

You must set FirewallBackend to iptables for firewalld or will have very long load times
- see firewalld/firewalld#738

Credits

FireHOL for the blocklists: https://iplists.firehol.org
IPdeny for the country lists: https://ipdeny.com
@andrewtwin for the IP & CIDR merger: https://github.com/andrewtwin/ip-aggregator

Donate

https://divested.dev/donate

Name		Name	Last commit message	Last commit date
Latest commit History 50 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
ip-aggregator.py		ip-aggregator.py
scfw3.sh		scfw3.sh
trash.sh		trash.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

ip-aggregator.py

ip-aggregator.py

scfw3.sh

scfw3.sh

trash.sh

trash.sh

Repository files navigation

SCFW3

Overview

Use

Known Issues

Credits

Donate

About

Sponsor this project

Languages

License

divestedcg/SCFW3

Folders and files

Latest commit

History

Repository files navigation

SCFW3

Overview

Use

Known Issues

Credits

Donate

About

Resources

License

Stars

Watchers

Forks

Sponsor this project

Languages