Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
There is a site for this repo: http://iplists.firehol.org.
In this site we analyze all IP Lists, to find their history, age of IPs included, retention policy, overlaps with other IP lists, etc.
You should not use the ipsets in this repo in production systems. YOU SHOULD ALWAYS DOWNLOAD THE IP LISTS DIRECTLY FROM THEIR MAINTAINERS.
update-ipsetscan do this for you! Read on...
Downloading IP lists
update-ipsets you can download all the IP lists, in a common format, directly from the maintainers' sites, to your computer.
Read the page Downloading IP Lists to find out how.
update-ipsets has many features, including:
downloads all IP lists directly from their maintainers.
unzips, extracts and processes the downloaded files to produce a common format for all of them.
super easy, you just say "I want this and that",
update-ipsetsdoes the rest.
if you run an iptables firewall that uses ipsets (like FireHOL), it can update ipsets directly to your computer's kernel, without restarting your firewall. It also optimizes ipsets to allow your firewall have the best possible performance.
it can be monitored over the web, using a site exactly the same with http://iplists.firehol.org. Actually, this site is the monitor of my personal
update-ipsetsinstallation. You just need a web server capable of serving static content. No databases or application servers are required.
it is just a script you run with
cron. No daemons to worry about.