To manage firewall rules based on iptables and ipset, the IPSET-NG package provides the buildblst utility.
After the package is installed, it should be available at the path /usr/bin/buildblst.sh.
The complex ipset-ng solution centrally controls firewall rules provisioning and can be tailored to work with your organization's existing conceptions.
During installation, a buildblst run is automatically added to the task schedule of the cron service.
#/usr/bin/buildblst.sh
This is part from ipset-ng access system
Manage firewall rules and update Block List ipset format from pick-nik.ru
usage init: buildblst.sh [ --init-ipset ]
usage erase: buildblst.sh [ --erase-ipset ]
usage delete: buildblst.sh [ --delete-ipset ]
usage backup: buildblst.sh [ --backup-ipset ]
usage restore: buildblst.sh [ --restore-ipset ]
usage update: buildblst.sh [ --update-net ]
To manually create the standard schema and initialize the ipset and iptables rules, run the following command:
buildblst.sh --init-ipset
After that, run the following command:
buildblst.sh --update-net
This command downloads the latest updates of blacklists and updates ipset and iptables rules.
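A blocklist that is fetched from a remote source and applied by a root cron job deserves a sanity check before it reaches the firewall. The following is an added example, not code from ipset-ng or buildblst.sh: it validates entries and builds an atomic `ipset restore` script, assuming an IPv4 list with one entry per line and the hypothetical set names `blacklist` and `blacklist-new`.

```sh
#!/bin/sh
# Added example, not ipset-ng code; the set names used here are hypothetical.
# valid_net ENTRY: succeed only for an IPv4 address/CIDR that is sane to block.
valid_net() {
    case $1 in
        */*) ip=${1%/*}; prefix=${1#*/} ;;
        *)   ip=$1; prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    # Refuse over-broad prefixes: one 0.0.0.0/0 line would block everything.
    [ "$prefix" -ge 8 ] && [ "$prefix" -le 32 ] || return 1
    case $ip in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*|????*) return 1 ;; esac  # empty, leading 0, too long
        [ "$o" -le 255 ] || return 1
    done
    # Never accept loopback or RFC 1918 ranges from a remote list.
    case $ip in
        127.*|10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 1 ;;
    esac
    return 0
}

# build_restore: list on stdin -> "ipset restore" script; fails if nothing valid.
build_restore() {
    out="create blacklist-new hash:net family inet"; n=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "${line%%#*}" | tr -d '[:space:]')
        [ -n "$line" ] || continue
        if valid_net "$line"; then
            out="$out
add blacklist-new $line"; n=$((n + 1))
        else
            echo "rejected: $line" >&2
        fi
    done
    [ "$n" -gt 0 ] || return 1
    # swap is atomic: the live set is never seen half-loaded.
    printf '%s\nswap blacklist-new blacklist\ndestroy blacklist-new\n' "$out"
}

# Constructed sample input (RFC 5737 documentation addresses plus bad lines).
sample_list() {
    printf '%s\n' '# constructed list' '198.51.100.0/24' \
        '203.0.113.7   # single host' '0.0.0.0/0' '192.168.1.0/24' 'not-an-ip'
}
sample_list | build_restore
```

To load the result, redirect it into `ipset restore -exist`; the live set (here `blacklist`) must already exist with the same type for the swap to succeed.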
To preserve the updates across a reboot or a clearing of the firewall rules, run the following command:
buildblst.sh --backup-ipset
You can always restore the previously saved firewall state by running the following command:
buildblst.sh --restore-ipset
You can also clear all ipset blacklist rules with the command:
buildblst.sh --erase-ipset
or completely remove all of the ipset tables and clear iptables firewall rules:
buildblst.sh --delete-ipset
For automatic updates, it is reasonable to put this command in the cron service. Note that crontab with a file argument replaces the current user's existing crontab:
crontab <ipset-ng-src-dir>/misc/startup/updatecrl.cron
// command in file updatecrl.cron
// 00 01 * * * /usr/bin/buildblst.sh --update-net
To check that it was installed in the cron service, type:
crontab -l