Simplifying (I hope) UFW and iptables, includes a utility to get blocklists and incorporate them.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
applications.d
LICENSE
README.md
dangerzone.jpg
ufw_setup.sh
ufw_setup_public.sh
update_adblock.sh
update_ipblock.sh

README.md

ufw-iptables-archer

Simplifying (I hope) UFW and iptables for folks and serving as a reference for myself

Beware! You're entering the ....

danger zone!

Everything in /applications.d goes into /etc/ufw/applications.d. You'll need to change the owner to root.

#ufw_setup.sh

I've provided two scripts so you can easily run one depending on your location; public or not public. Comment and uncomment as needed for what you want to expose to the LAN and interwebs. You will need to run this with superuser rights.

Edit the rules in the LAN area to reflect the subnet of your LAN, obvs.

You can use something like my network control manager to configure which script is called.

#update_ipblock.sh

This is a script to automate the downloading, cleaning, and implementation of blocklists for IPTABLES to protect your computer or server from IPs associated with bad things like malware, child pornography, web exploits, and the like. I mean, if someone's gone to the bother to collect these blocklists, we might as well use them for legit purposes, right?

It can be used without my UFW script, but you'll want to uncomment the last two lines. You will need to run this with superuser rights.

Prerequisites: IPSET, which should be available for your distribution.