IP-Sets
IP-Blacklisten mit Firehol.
Installation
sudo apt install firehol ipset
Firehol Konfiguration
sudo nano /etc/firehol/firehol.conf
# FireHOL configuration
# NOTE(review): firehol.conf is read as shell, so variable names are not
# validated here — confirm FIREHOL_MODE and the FIREHOL_IPSET_* / BLACKLIST_*
# settings below against the firehol.conf manual page of the installed version.
FIREHOL_MODE="ROUTER"
# Blacklists
# Directory the update script installs the downloaded list files into.
BLACKLIST_IPSET_DIR="/etc/firehol/ipsets"
# Enable ipset blacklists
FIREHOL_IPSET_TYPE="hash:ip"
FIREHOL_IPSET_SAVE="yes"
# Interface configuration
interface eth0 lan
# NOTE(review): with a default policy of accept, the server/client lines below
# do not restrict anything by themselves — confirm this is intended for eth0.
policy accept
protection strong
server "ssh http https" accept
client all accept
# Blacklist rule
# NOTE(review): the set is referred to further down as "firehol_level1"
# (underscore); check whether "firehol level1" with a space resolves to the
# same ipset, otherwise the blacklist rule matches nothing.
blacklist full "ipset:firehol level1"
IP-Sets erstellen
sudo mkdir -p /etc/firehol/ipsets
Download Script
sudo nano /usr/local/bin/update-blacklists.sh
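#!/bin/bash
# Fetch the firehol/blocklist-ipsets repository, install its list files into
# the FireHOL ipset directory and ask FireHOL to reload.
# Run as root (the destination directory and `firehol try` require it).
# Takes no arguments; progress is printed to stdout, failures to stderr.
set -euo pipefail

readonly CLONE_DIR="/var/tmp/blocklist-ipsets"
readonly DEST_DIR="/etc/firehol/ipsets"
readonly REPO_URL="https://github.com/firehol/blocklist-ipsets.git"

# Print a timestamped progress line to stdout.
log() {
  printf '%s: %s\n' "$(date)" "$*"
}

# Print a message to stderr and exit non-zero. Used for the steps whose
# failure must not be followed by a FireHOL reload on incomplete data.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

main() {
  printf '%s\n' "=========================="
  log "Starte FireHOL Blocklist Update..."

  # Altes Repo löschen. ${CLONE_DIR:?} aborts if the variable were ever
  # empty instead of running a bare "rm -rf".
  rm -rf -- "${CLONE_DIR:?}"

  # Neues Repo klonen. --depth 1 fetches only the current lists. A failed
  # clone stops here, so the previously installed sets remain in place.
  git clone --depth 1 -- "$REPO_URL" "$CLONE_DIR" \
    || die "git clone fehlgeschlagen, Blocklisten werden nicht aktualisiert"

  # IP-Sets kopieren. The repository also publishes *.netset files (the
  # level1 list is one of them — confirm against the checkout), so both
  # suffixes are collected; nullglob keeps an unmatched pattern out of cp.
  shopt -s nullglob
  local -a lists=("$CLONE_DIR"/*.ipset "$CLONE_DIR"/*.netset)
  shopt -u nullglob
  (( ${#lists[@]} > 0 )) \
    || die "keine .ipset/.netset-Dateien in $CLONE_DIR gefunden"
  mkdir -p -- "$DEST_DIR"
  cp -- "${lists[@]}" "$DEST_DIR"/

  # FireHOL neu laden
  firehol try

  log "FireHOL Blocklist Update abgeschlossen"
  printf '%s\n' "=========================="
}

main "$@"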
sudo chmod +x /usr/local/bin/update-blacklists.sh
Cron Job
sudo nano /etc/cron.weekly/update-blacklists
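#!/bin/bash
# run-parts wrapper for /etc/cron.weekly. exec hands the process over to the
# update script, so no idle shell is left behind and the script's exit status
# reaches cron unchanged.
exec /usr/local/bin/update-blacklists.sh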
Manuelles Update
sudo /usr/local/bin/update-blacklists.sh
IP-Sets prüfen
sudo ipset list
sudo ipset list firehol_level1
IP aus Blacklist entfernen
sudo ipset del firehol_level1 192.168.1.100