Skip to content
Costa Tsaousis edited this page Mar 26, 2016 · 24 revisions

There is a site for this repo: http://iplists.firehol.org.

In this site we analyze all IP Lists, to find their history, age of IPs included, retention policy, overlaps with other IP lists, etc.


IMPORTANT

You should not use the ipsets in this repo in production systems. YOU SHOULD ALWAYS DOWNLOAD THE IP LISTS DIRECTLY FROM THEIR MAINTAINERS.

update-ipsets can do this for you! Read on...

Downloading IP lists

Using update-ipsets you can download all the IP lists, in a common format, directly from the maintainers' sites, to your computer.

Read the page Downloading IP Lists to find out how.

update-ipsets has many features, including:

  • downloads all IP lists directly from their maintainers.

  • unzips, extracts and processes the downloaded files to produce a common format for all of them.

  • super easy, you just say "I want this and that", update-ipsets does the rest.

  • if you run an iptables firewall that uses ipsets (like FireHOL), it can update ipsets directly to your computer's kernel, without restarting your firewall. It also optimizes ipsets to allow your firewall have the best possible performance.

  • it can be monitored over the web, using a site exactly the same with http://iplists.firehol.org. Actually, this site is the monitor of my personal update-ipsets installation. You just need a web server capable of serving static content. No databases or application servers are required.

  • it is just a script you run with cron. No daemons to worry about.