SCFW3

Overview

These are two simple scripts to block known and learned bad addresses.
It is meant to be used on top of firewalld.
This is for resource management, not security.

Use

Place scfw3.sh into /etc/cron.daily/1scfw
- Copy ip-aggregator.py into /usr/local/bin/
  - This is mandatory
- Configure the lists you want enabled at the top of it
Place trash.sh into /etc/cron.hourly/2trash
chmod +x both of them
Enjoy!

Known Issues

You must set FirewallBackend to iptables for firewalld or will have very long load times
- see firewalld/firewalld#738

Credits

FireHOL for the blocklists: https://iplists.firehol.org
IPdeny for the country lists: https://ipdeny.com
@andrewtwin for the IP & CIDR merger: https://github.com/andrewtwin/ip-aggregator

Donate

https://divested.dev/donate

Name		Name	Last commit message	Last commit date
Latest commit History 65 Commits
.gitignore		.gitignore
.gitlab-ci.yml		.gitlab-ci.yml
LICENSE		LICENSE
README.md		README.md
ip-aggregator.py		ip-aggregator.py
scfw3.sh		scfw3.sh
trash.sh		trash.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Repository files navigation

SCFW3

Overview

Use

Known Issues

Credits

Donate

About

Uh oh!

Sponsor this project

Uh oh!

Uh oh!

Languages

Uh oh!

License

divestedcg/SCFW3

Folders and files

Latest commit

History

Repository files navigation

SCFW3

Overview

Use

Known Issues

Credits

Donate

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Sponsor this project

Uh oh!

Uh oh!

Languages