https://github.com/haikelfazzani/fireblock
🛡️ 🧱 Bash scripts to manage firewall rules & hosts file for blocking malware, phishing & malicious domains for a safer internet.
https://github.com/haikelfazzani/fireblock
alienvault firewall hosts ipset iptables linux malicious malware pishing
Last synced: 11 months ago
JSON representation
🛡️ 🧱 Bash scripts to manage firewall rules & hosts file for blocking malware, phishing & malicious domains for a safer internet.
- Host: GitHub
- URL: https://github.com/haikelfazzani/fireblock
- Owner: haikelfazzani
- License: apache-2.0
- Created: 2023-02-15T21:48:47.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-04-09T07:02:41.000Z (about 2 years ago)
- Last Synced: 2025-06-13T19:42:21.259Z (about 1 year ago)
- Topics: alienvault, firewall, hosts, ipset, iptables, linux, malicious, malware, pishing
- Language: Shell
- Homepage:
- Size: 14.6 KB
- Stars: 6
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: Readme.md
- License: LICENSE
Awesome Lists containing this project
README
# Fireblock
Bash scripts to manage firewall rules & hosts file for blocking malware, phishing & malicious domains for a safer internet.
# Getting Started
## Clone the repository
```shell
git clone https://github.com/haikelfazzani/Fireblock
cd Fireblock
```
## IPtables installation
```shell
apt install ipset iptables netfilter-persistent ipset-persistent iptables-persistent
```
# Commands
***block websites: update /etc/hosts***
```shell
bash hosts-file/index.sh
```
***update firewall rules for range IP***
```shell
bash firewall/block_range.sh
```
***update firewall rules for list IP***
```shell
bash firewall/block_ips.sh
```
***update firewall rules for common rules***
```shell
bash firewall/common-rules.sh
```
***update all***
```shell
bash update-all.sh
```
# Some useful iptables rules
***DROP RFC1918 PACKETS***
```shell
-A INPUT -s 10.0.0.0/8 -j DROP
-A INPUT -s 172.16.0.0/12 -j DROP
-A INPUT -s 192.168.0.0/16 -j DROP
```
***Outbound UDP Flood protection***
```shell
iptables -N udp-flood
iptables -A OUTPUT -p udp -j udp-flood
iptables -A udp-flood -p udp -m limit --limit 50/s -j RETURN
iptables -A udp-flood -j LOG --log-level 4 --log-prefix 'UDP-flood attempt: '
iptables -A udp-flood -j DROP
```
***prevent flooding general***
```shell
iptables -N udp-flood
iptables -A udp-flood -m limit --limit 4/second --limit-burst 4 -j RETURN
iptables -A udp-flood -j DROP
iptables -A INPUT -i eth0 -p udp -j udp-flood
iptables -A INPUT -i eth0 -f -j DROP
```
***prevent amplification attack***
```shell
iptables -N DNSAMPLY
iptables -A DNSAMPLY -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
iptables -A DNSAMPLY -p udp -m hashlimit --hashlimit-srcmask 24 --hashlimit-mode srcip --hashlimit-upto 30/m --hashlimit-burst 10 --hashlimit-name DNSTHROTTLE --dport 53 -j ACCEPT
iptables -A DNSAMPLY -p udp -m udp --dport 53 -j DROP
```
# Contributing
We welcome contributions to improve and expand this project. Feel free to submit pull requests for bug fixes, feature enhancements, or additional security measures.
# Notes
- [Old Repository of the project](https://gitlab.com/haikelfazzani/hosts)
- [Block list Repository](https://gitlab.com/haikelfazzani/blocklist)
# Read more
- [A Tutorial for Controlling Network Traffic with iptables](https://www.linode.com/docs/guides/control-network-traffic-with-iptables/)
- [IPset reference](https://manpages.debian.org/testing/ipset/ipset.8.en.html)
- [Iptables Essentials](https://github.com/trimstray/iptables-essentials/blob/master/README.md#xmas-packets)
- [IPtables persist](https://unix.stackexchange.com/questions/52376/why-do-iptables-rules-disappear-when-restarting-my-debian-system)
# License
Apache 2.0