{"id":17312870,"url":"https://github.com/9seconds/iblocklist2ipset","last_synced_at":"2026-03-10T00:31:05.683Z","repository":{"id":19768769,"uuid":"23026803","full_name":"9seconds/iblocklist2ipset","owner":"9seconds","description":"Converts P2P lists from IBlocklist.com to IPSet compatile format","archived":false,"fork":false,"pushed_at":"2019-10-23T16:45:05.000Z","size":40,"stargazers_count":16,"open_issues_count":3,"forks_count":5,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-09-22T15:47:28.715Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/9seconds.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-08-16T20:47:19.000Z","updated_at":"2023-12-06T13:39:47.000Z","dependencies_parsed_at":"2022-08-25T02:01:09.872Z","dependency_job_id":null,"html_url":"https://github.com/9seconds/iblocklist2ipset","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/9seconds/iblocklist2ipset","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/9seconds%2Fiblocklist2ipset","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/9seconds%2Fiblocklist2ipset/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/9seconds%2Fiblocklist2ipset/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/9seconds%2Fiblocklist2ipset/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/9seconds","download_url":"https://codeload.github.com/9seconds/iblocklist2ipset/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/9seconds%2Fiblocklist2ipset/sbom","scorecard":{"id":6481,"data":{"date":"2025-08-11","repo":{"name":"github.com/9seconds/iblocklist2ipset","commit":"548d06230f499d0950e6a178d5ab58e1715d6e36"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.4,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q","Warn: Project is vulnerable to: PYSEC-2015-17 / GHSA-pg2w-x9wp-vw92","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T13:39:14.295Z","repository_id":19768769,"created_at":"2025-08-14T13:39:14.295Z","updated_at":"2025-08-14T13:39:14.295Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30318374,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-09T20:05:46.299Z","status":"ssl_error","status_checked_at":"2026-03-09T19:57:04.425Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T12:44:53.276Z","updated_at":"2026-03-10T00:31:05.664Z","avatar_url":"https://github.com/9seconds.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"iblocklist2ipset\n=========\n\n|Build Status| |Coverage Status| |Health Status| |PyPI Package|\n\niblocklist2ipset is a small utility (really small, check out sources)\nto manage your favourite `iblocklists \u003chttps://www.iblocklist.com/\u003e`__\nwith `IPSets \u003chttp://ipset.netfilter.org/\u003e`__.\n\nAll it does, it converts lists from P2P format to the format compatible with\n``ipset restore``. Basic usage is following:\n\n.. code-block:: bash\n\n    $ iblocklist2ipset generate \\\n        --ipset idiots\n        \"http://list.iblocklist.com/?list=usrcshglbiilevmyfhse\u0026fileformat=p2p\u0026archiveformat=gz\" \\\n        \u003e ~/.ipset\n    $ sudo ipset restore -f ~/.ipset\n\nAnd you are done.\n\nNow let's try to figure out why do you need it (and you need it).\n\n\nWhy do you need it\n------------------\n\nLet's imagine you are living in a country where DMCA makes sense and you\nwant to make your seedbox safe but you can't use PeerGuardian or PeerBlock\nbecause it sucks on Linux so you decide to use iptables + ipset so...\n\nWait. It looks like a tool for... piracy? No, of course it is not. Let's start\nagain.\n\nLet's imagine you have some kind of server (bare metal or cloud VM) and you are\nrunning some mission critical software on it. You do not like botnets or EVIL HACKERS\nso want to block all of them to have some good feeling of safety. You heard about\nblocklists supplied by `BlueTack \u003chttp://bluetack.co.uk\u003e`__ and wanna use them.\n\nBut pure iptables import sucks. iptables actually is a pretty dumb tool for shiny\nnetfilter and it sucks back and forth if you have a lot of rules (linear complexity\nis WTF in 2014, right?). You googled and found amazing `ipset \u003chttp://ipset.netfilter.org/\u003e`__\ntool which integrates with iptables perfectly. Lovely. Let's use it.\n\nSo this tool just converts gzipped P2P lists into something you can give to\nipset to restore, right? This is a missing tool and you definitely want it.\n\nWhy not to use PeerGuardian etc?\n--------------------------------\n\nGood question. Actually they are pretty heavyweight and do almost nothing. It is just a\nfirewall after firewall you already have installed. Look, basically combination of iptables,\nipset and iblocklist2ipset with cron gives you the same features.\n\nMoreover, I want to setup it once and do not worry about anything else. PeerGuardian is\ngreat if you are running this tool on desktop but not on a remote machine. Basically it looks\nas excess.\n\nExamples\n--------\n\nWell, to give you a feel of a tool, let's just execute it as is:\n\n.. code-block:: bash\n\n    $ iblocklist2ipset -h\n    Small utility to convert p2p format of IP Blocklists to IPSet format.\n\n    Usage:\n      iblocklist2ipset generate [options] BLOCKLIST_URL...\n      iblocklist2ipset example_restore_ipset_job [options] IPTABLES_NAME IPSET_PATH\n      iblocklist2ipset example_update_ipset_job [options] IPSET_PATH BLOCKLIST_URL...\n      iblocklist2ipset -h | --help\n      iblocklist2ipset --version\n\n    Options:\n      -h --help                         Shows this screen.\n      --version                         Shows version and exits.\n      -i IPSET_NAME --ipset=IPSET_NAME  The name of IPSet set [default: blocklist]\n\n    To get IP blocklists please visit https://www.iblocklist.com/\n\nSo as you can see, usage is pretty straightforward. You can give it multiple blocklist\nURLs and it will generate you correct file you can restore with ``ipset restore``. Let's do\nit with *hijacked* list:\n\n.. code-block:: bash\n\n    $ iblocklist2ipset generate \\\n        \"http://list.iblocklist.com/?list=usrcshglbiilevmyfhse\u0026fileformat=p2p\u0026archiveformat=gz\" \\\n        \u003e ipset_to_restore\n    $ head ipset_to_restore\n    create blocklist hash:net family inet hashsize 512 maxelem 536\n    add blocklist 81.22.152.0/23\n    add blocklist 91.220.163.0/24\n    add blocklist 206.209.80.0/20\n    add blocklist 204.187.254.0/24\n    add blocklist 103.12.216.0/22\n    add blocklist 193.0.146.0/23\n    add blocklist 208.90.0.0/21\n    add blocklist 110.232.160.0/20\n    add blocklist 91.213.148.0/24\n\nQuite nice, isn't it? It calculated proper sizes for our list also. Now you can just import it\n\n.. code-block:: bash\n\n    $ sudo ipset -f ipset_to_restore\n\nAnd you are safe.\n\nNot really, you need to setup iptables etc to get it work. No problems, if you are using the same\nconfiguration all the times, you can use ``example_restore_ipset_job`` and ``example_update_ipset_job``\ncommands to get some examples of the usage.\n\nReal world example\n------------------\n\nI have my Raspberry Pi running some mission critical software (BTSync for example) and I want to use\n`*hijacked* list from IBlockList.com \u003chttps://www.iblocklist.com/list.php?list=usrcshglbiilevmyfhse\u003e`__.\n\nI have a Raspbian up to date and now I want to use this shiny tool. First, let's install it.\n\n.. code-block:: bash\n\n    $ sudo pip install iblocklist2ipset\n    $ sudo apt-get install -y ipset\n\n(ipset is not bundled by default so install it before).\n\nI want to store an ipset blocklist into ``/etc/ipset.rules``.\n\n.. code-block:: bash\n\n    $ iblocklist2ipset example_restore_ipset_job \\\n        -i hijacked blocklist \\\n        /etc/ipset.rules \\\n        \u003e ~/scripts/ipset_restore.sh\n    $ chmod +x ~/scripts/ipset_restore.sh\n\nNow we created shell scripts. On execution it will restore iptables and ipset configuration. Please\nbe noticed that ``iblocklist2ipset`` understands virtualenv usage and script is generated with this\nknowledge also.\n\n.. code-block:: bash\n\n    $ iblocklist2ipset example_update_ipset_job \\\n        -i hijacked \\\n        /etc/ipset.rules \"http://list.iblocklist.com/?list=usrcshglbiilevmyfhse\u0026fileformat=p2p\u0026archiveformat=gz\" \\\n        \u003e ~/scripts/ipset_update.sh\n    $ chmod +x ~/scripts/ipset_update.sh\n\nLovely. Now we have a script to update. Let's update crontab then\n\n.. code-block:: bash\n\n    @reboot   /home/user/scripts/ipset_restore.sh\n    @midnight /home/user/scripts/ipset_update.sh\n\nWhy not to store this stuff into iptables permanently? Well this is mostly because of\nipset configuration. It loses it on reboot and it is not really trivial to restore it.\n\nProbably one day I will do it but right now it has to be like this. At least it works\nfor me.\n\nCheers.\n\n.. |Build Status| image:: https://travis-ci.org/9seconds/iblocklist2ipset.svg?branch=master\n    :target: https://travis-ci.org/9seconds/iblocklist2ipset\n\n.. |Coverage Status| image:: https://coveralls.io/repos/9seconds/iblocklist2ipset/badge.png?branch=master\n    :target: https://coveralls.io/r/9seconds/iblocklist2ipset?branch=master\n\n.. |Health Status| image:: https://landscape.io/github/9seconds/iblocklist2ipset/master/landscape.png\n   :target: https://landscape.io/github/9seconds/iblocklist2ipset/master\n   :alt: Code Health\n\n.. |PyPI Package| image:: https://badge.fury.io/py/iblocklist2ipset.svg\n    :target: http://badge.fury.io/py/iblocklist2ipset\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F9seconds%2Fiblocklist2ipset","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F9seconds%2Fiblocklist2ipset","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F9seconds%2Fiblocklist2ipset/lists"}