daniel/autofw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
7 commits 1 branch 0 tags 70 KiB
Find a file
Daniel Brahneborg 9ccfe4f5c0 README: usage
2025-12-04 17:03:06 +01:00
.gitignore more files 2025-12-04 15:52:13 +01:00
autofw.c more files 2025-12-04 15:52:13 +01:00
CMakeLists.txt compiles 2025-12-04 16:53:41 +01:00
LICENSE LICENSE 2025-12-04 15:36:37 +01:00
matcher.c matcher_match: disable output 2025-12-04 16:55:52 +01:00
matcher.h compiles 2025-12-04 16:53:41 +01:00
pbuf.c compiles 2025-12-04 16:53:41 +01:00
pbuf.h compiles 2025-12-04 16:53:41 +01:00
README.md README: usage 2025-12-04 17:03:06 +01:00
vbuf.c compiles 2025-12-04 16:53:41 +01:00
vbuf.h compiles 2025-12-04 16:53:41 +01:00

README.md

AutoFW

This tool is inspired by fail2ban.

Assumes UFW for now.

Building

On Ubuntu: apt-get install -y cmake libpcre2-dev

cmake . make

Usage

  1. Create a file autofw.whitelist, containing IP addresses and ranges that should always be allowed to connect.
  2. Collect all IP addresses and ranges to block into a new file, say autofw.badips. It may be a good idea to filter out entries in the whitelist.
  3. Run ufw insert 1 deny from $ip for each entry in autofw.badips. The ufw tool will automatically ignore duplicates.
  4. Collect all blacklisted addresses using the following command: ufw status verbose | grep DENY | awk '{print $4}' > autofw.blacklist
  5. Run ./autofw > ufw.updates.
  6. Run the ufw.updates script.