brahma-dev/ufw-bots

ufw-bots

This project provides lists of datacenter IP addresses and scripts to help you block them using ufw or iptables. By blocking these IPs, you can reduce the amount of bot traffic to your servers.

It gets ASNs of hosting providers from O-X-L/risk-db-lists and generates the subnet lists from that.

I have excluded the following ASNs from the above list (see notSoBadASNs in index.ts):

  • Cloudflare (13335)

A GitHub workflow automatically updates the IP lists in this repo every 6 hours. You can download them directly if you need them for some other purpose, such as risk scores.

Safety Warning

Modifying firewall rules can be dangerous and may lock you out of your server if not done carefully. Before using these scripts, please ensure you have:

  1. Backup access to your server: This could be through a cloud provider's web console or physical access.
  2. Whitelisted your own IP address: Make sure your current IP address is allowed by your firewall rules to prevent losing access. You can add a rule like sudo ufw allow from YOUR_IP_ADDRESS to any to allow your own IP.

Use these scripts at your own risk.

Prerequisites

You must have Bun installed on your system to generate the firewall scripts.

Installation and Usage

  1. Clone the Repository

    git clone https://github.com/brahma-dev/ufw-bots.git
    cd ufw-bots
  2. Install Dependencies

    bun install
  3. Generate the lists

    bun start

    This command will generate ipv4.txt, ipv6.txt and combined.txt in the files directory.

  4. Run the Script

    You can inspect the scripts. When you are ready, run the appropriate script for your firewall:

    • For UFW:

      sudo ./files/ufw.sh
    • For IPTables:

      (Requires ipset to be installed)

      sudo ./files/iptables.sh
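
A pre-flight check for item 2 of the Safety Warning, added here as an example and not part of this repository: it reports whether your own IPv4 address falls inside any subnet of the generated list before you run files/ufw.sh or files/iptables.sh. It assumes files/ipv4.txt holds one IPv4 CIDR per line; the function names blocked_by, safe_to_apply and sample_list and the file name preflight.sh are made up for this example.

```shell
#!/bin/sh
# Added example; not part of the ufw-bots repository.
# Assumption: the generated list holds one IPv4 CIDR (a.b.c.d/len) per line.

# blocked_by LIST IP: print every CIDR in LIST that contains IP.
# Exit status: 0 = IP is covered by the list, 1 = not covered, 2 = invalid IP.
blocked_by() {
    awk -v ip="$2" '
    function to_int(s,    o, i) {        # dotted quad -> integer, -1 if invalid
        if (split(s, o, ".") != 4) return -1
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return -1
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    BEGIN { addr = to_int(ip); if (addr < 0) { bad = 1; exit } }
    { sub(/\r$/, "") }                   # tolerate CRLF line endings
    NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
    {
        n = split($1, p, "/")
        len = (n == 2) ? p[2] : 32       # a bare address counts as /32
        net = to_int(p[1])
        if (net < 0 || len !~ /^[0-9]+$/ || len + 0 > 32) next
        size = 2 ^ (32 - len)            # number of addresses in the block
        if (int(addr / size) == int(net / size)) { print $1; hit = 1 }
    }
    END { exit bad ? 2 : (hit ? 0 : 1) }' "$1"
}

# safe_to_apply LIST [IP]: succeed only when the admin address is not listed.
# IP defaults to the client address of the current SSH session, if there is one.
safe_to_apply() {
    admin_ip=${2:-${SSH_CONNECTION%% *}}
    [ -n "$admin_ip" ] || { echo "no admin IP given" >&2; return 2; }
    matches=$(blocked_by "$1" "$admin_ip") && rc=0 || rc=$?
    case $rc in
        0) echo "STOP: $admin_ip is inside $matches" >&2; return 1 ;;
        1) echo "OK: $admin_ip is not covered by $1"; return 0 ;;
        *) echo "cannot check $admin_ip against $1" >&2; return 2 ;;
    esac
}

# Constructed sample list (RFC 5737 documentation ranges) for a dry run.
sample_list() {
    printf '%s\n' '# constructed sample' 192.0.2.0/24 198.51.100.0/25 203.0.113.64/26
}

# CLI use: sh preflight.sh files/ipv4.txt YOUR_IP_ADDRESS
if [ $# -ge 1 ]; then safe_to_apply "$@"; fi
```

Chained as `sh preflight.sh files/ipv4.txt YOUR_IP_ADDRESS && sudo ./files/ufw.sh`, the firewall script only runs when the address is not covered by the list.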

Automating with Cron

To keep your blocklist updated automatically, you can set up a cron job. The safest way to run scheduled tasks that require root permissions is to add them to the root user's crontab.

  1. Open the root user's crontab editor.

    sudo crontab -e
  2. Add one of the following lines to the file. This will run the update script every 6 hours. Make sure to replace /path/to/ufw-bots with the actual path to where you cloned the repository. Replace bun with its full path if it's not in root's $PATH; the second line of each pair is an example with full paths.

    • For UFW:

      0 */6 * * * cd /path/to/ufw-bots && bun install && bun start && ./files/ufw.sh
      0 */6 * * * cd /home/username/ufw-bots && /home/username/.bun/bin/bun install && /home/username/.bun/bin/bun start && ./files/ufw.sh
    • For IPTables:

      0 */6 * * * cd /path/to/ufw-bots && bun install && bun start && ./files/iptables.sh
      0 */6 * * * cd /home/username/ufw-bots && /home/username/.bun/bin/bun install && /home/username/.bun/bin/bun start && ./files/iptables.sh
  3. Save and exit the editor. The cron job is now active.

Uninstall

If you need to remove the firewall rules added by this script, follow these instructions.

UFW

cd /path/to/ufw-bots
sudo ./files/ufw_remove.sh

IPTables

cd /path/to/ufw-bots
sudo ./files/iptables_remove.sh

Help Needed

Shell expert to vet / improve the scripts.

About

List of datacenter IPs to block and script to automate it.
