README: usage
This commit is contained in:
parent
a964f4fd63
commit
9ccfe4f5c0
1 changed files with 13 additions and 1 deletions
14
README.md
14
README.md
|
|
@ -1,6 +1,8 @@
|
||||||
# AutoFW
|
# AutoFW
|
||||||
|
|
||||||
Inspired by fail2ban.
|
This tool is inspired by fail2ban.
|
||||||
|
|
||||||
|
Assumes UFW for now.
|
||||||
|
|
||||||
## Building
|
## Building
|
||||||
|
|
||||||
|
|
@ -10,3 +12,13 @@ apt-get install -y cmake libpcre2-dev
|
||||||
cmake .
|
cmake .
|
||||||
make
|
make
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
1. Create a file autofw.whitelist, containing IP addresses and ranges that should always be allowed to connect.
|
||||||
|
1. Collect all IP addresses and ranges to block into a new file, say `autofw.badips`. It may be a good idea to filter out entries in the whitelist.
|
||||||
|
1. Run `ufw insert 1 deny from $ip` for each entry in `autofw.badips`. The ufw tool will automatically ignore duplicates.
|
||||||
|
1. Collect all blacklisted addresses using the following command:
|
||||||
|
``ufw status verbose | grep DENY | awk '{print $4}' > autofw.blacklist``
|
||||||
|
1. Run `./autofw > ufw.updates`.
|
||||||
|
1. Run the `ufw.updates` script.
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue