{"id":18747900,"url":"https://github.com/drosocode/ipblocker","last_synced_at":"2025-07-07T16:32:54.268Z","repository":{"id":114486278,"uuid":"333693054","full_name":"drosoCode/IPblocker","owner":"drosoCode","description":null,"archived":false,"fork":false,"pushed_at":"2021-08-23T18:14:04.000Z","size":164,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-21T06:06:46.507Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/drosoCode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-28T08:25:04.000Z","updated_at":"2021-08-23T18:14:07.000Z","dependencies_parsed_at":"2023-05-16T23:15:38.143Z","dependency_job_id":null,"html_url":"https://github.com/drosoCode/IPblocker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/drosoCode/IPblocker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drosoCode%2FIPblocker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drosoCode%2FIPblocker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drosoCode%2FIPblocker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drosoCode%2FIPblocker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/drosoCode","download_url":"https://codeload.github.com/drosoCode/IPblocker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drosoCode%2FIPblocker/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264113329,"owners_count":23559343,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T16:31:54.229Z","updated_at":"2025-07-07T16:32:54.146Z","avatar_url":"https://github.com/drosoCode.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# IP Blocker for Graylog and OPNsense\n\nSoftware to block IPs on OPNsense firewall based on a gelf stream\n\n## Installation\n - Import db.sql in your database system (Maria DB recommanded)\n - Customize your config.json file and edit its path in the docker-compose.yml file\n - Clone this repo and run `docker-compose build` to build the container and `docker-compose up -d` to start it\n\n## Configuration\n### \u003cins\u003eIP Blocker\u003c/ins\u003e:\n|Name | Description |\n|--------|------------|\n| db_host | Database Host |\n| db_user | Database User |\n| db_password | Database Password |\n| db_name | Database Name |\n| gelf_bind_addr | Gelf listener bind address |\n| gelf_port | Gelf listener port |\n| api_host | OPNsense IP |\n| api_apikey | OPNsense API key |\n| api_secret | OPNsense API secret |\n| api_alias_name | OPNsense Alias Name (host type) |\n| api_scheme | http or https |\n| api_verify | Enable / disable certificate verification |\n| enable_ban_notif | Enable discord notification for each ip ban |\n| bot_token | discord bot token (leave empty to disable the bot) |\n| bot_channel | discord channel id to send notifications (in discord with dev mode, right click on the channel -\u003e Copy Identifier) |\n| check_interval | Check interval for ban processing (level 1 and 2), in seconds |\n| level_x_detect_time | detection time for level 1 bans (in seconds) |\n| level_x_detect_nb | detection time for level 1 bans (in seconds) |\n| level_x_ban_time | duration of a ban (in seconds) |\n| level_2_detect_nb_lvl1 | number of level 1 messages to get an equivalent level 2 |\n\nThere a 4 levels of ban:\n - level 1 and 2 are triggered when there was a specified number of messages (level_x_detect_nb) in a specified period of time (level_x_detect_time)\n - level 3 is instantly banned\n - level 4 is instantly and permantently banned\nFor levels 1 to 3 you can specify a ban time duration (level_x_ban_time)\n\n### \u003cins\u003eGraylog\u003c/ins\u003e:\nCreate an output stream (GELF UDP) pointing to your IP Blocker ip/port  \nThe following fields are processed:  \n - IPV4: an IPv4 address (required)\n - threat_level: the level of the threat (from 1 to 4)  (required)\n - threat_rule: the name of the rule that triggered the ban (optional)\n - src_ip_geo_country: the country associated to the IP (optional)\n - src_ip_geo_city: the city associated to the IP (optional)\n - fields: json that can contains the previous fields (optional)\n\n### \u003cins\u003eOPNsense\u003c/ins\u003e:\nCreate an api key (`System \u003e Access \u003e Users`)\nCreate an IP Alias of Host Type (`Firewall \u003e Aliases`)\n\n## Screenshots\n\n![Web UI](.github/images/webui.png)\n![Discord Bot](.github/images/discord.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdrosocode%2Fipblocker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdrosocode%2Fipblocker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdrosocode%2Fipblocker/lists"}