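#!/usr/bin/env bash
# Install FireHOL and enable a set of public block lists.
# By Poli Systems
#
# Usage (as root):
#   FIREHOL_WHITELIST="203.0.113.7/32 198.51.100.0/24" ./firehol.sh
#
# Environment:
#   FIREHOL_WHITELIST  optional, space-separated IPv4 addresses / CIDRs that are
#                      never blocked by the lists below. Put your admin / jump
#                      host here: the blacklist rules match on "inface any" and
#                      the whitelist otherwise only holds 127.0.0.1, so if the
#                      address you administer from ever appears in one of the
#                      feeds you are locked out at the next refresh.
#
# Side effects: installs packages, overwrites /etc/firehol/firehol.conf, adds
# a root cron entry, enables the firehol service and restarts it.
set -euo pipefail

if [[ "$(id -u)" -ne 0 ]]; then
  printf 'this script must run as root\n' >&2
  exit 1
fi

# apt-get has a stable CLI for scripts; "apt" warns when used non-interactively.
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y firehol firehol-tools

# Build the whitelist entries up front so the config below can be a literal
# (unexpanded) here-doc: firehol.conf is itself executed as bash, so the
# ${x} / ${x^^} references must reach FireHOL untouched.
whitelist_lines="ipset4 add whitelist 127.0.0.1/32"
for net in ${FIREHOL_WHITELIST:-}; do
  # Only plain IPv4 addresses / CIDRs are written into the config; anything
  # else would be interpreted by FireHOL as shell code.
  if [[ ! "$net" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$ ]]; then
    printf 'FIREHOL_WHITELIST: rejecting non-IPv4 entry %q\n' "$net" >&2
    exit 1
  fi
  whitelist_lines+=$'\n'"ipset4 add whitelist ${net}"
done

{
  cat <<'EOF'
# FireHOL configuration file
#
# See firehol.conf(5) manual page and FireHOL Manual for details.
#
# Outbound: everything originating from this host is allowed on all
# interfaces. Inbound: everything is accepted, EXCEPT that traffic whose
# source is in one of the block lists below is dropped ("full" blocks the
# listed addresses in both directions) unless the source is whitelisted.
# This is a reputation filter, not a stealth host: services stay reachable
# and the host answers pings.
#
version 6
ipset4 create whitelist hash:net
EOF
  printf '%s\n' "$whitelist_lines"
  cat <<'EOF'
# subnets - netsets
for x in dshield spamhaus_drop spamhaus_edrop firehol_level2 firehol_level3 dshield_1d dshield_30d dshield_7d
do
        ipset4 create ${x} hash:net
        ipset4 addfile ${x} ipsets/${x}.netset
        blacklist4 full inface any log "BLACKLIST ${x^^}" ipset:${x} \
                except src ipset:whitelist
done
# individual IPs - ipsets
for x in blocklist_de bruteforceblocker malc0de myip greensnow dshield_top_1000 blocklist_net_ua cybercrime tor_exits tor_exits_1d tor_exits_7d tor_exits_30d sblam
do
        ipset4 create ${x} hash:ip
        ipset4 addfile ${x} ipsets/${x}.ipset
        blacklist4 full inface any log "BLACKLIST ${x^^}" ipset:${x} \
                except src ipset:whitelist
done
# Accept all client traffic on any interface
interface any world
        client all accept
        server all accept
        client ipv6neigh accept
        server ipv6neigh accept
EOF
} > /etc/firehol/firehol.conf

# NOTE: botscout is enabled here but not referenced in firehol.conf (kept as
# in the original list).
update-ipsets enable dshield blocklist_net_ua botscout spamhaus_drop spamhaus_edrop blocklist_de firehol_level2 firehol_level3 dshield_top_1000 bruteforceblocker malc0de greensnow myip cybercrime tor_exits sblam
# The config does "ipset4 addfile" for every list, so the files must exist
# before firehol is (re)started. Abort instead of restarting on a half-built
# set. (If a single unreachable feed turns out to make update-ipsets exit
# non-zero, relax this check — TODO confirm against the installed version.)
if ! update-ipsets -s; then
  printf 'update-ipsets -s failed; not restarting the firewall\n' >&2
  exit 1
fi

# Refresh the lists every 13 minutes from root's crontab.
# - user crontabs have no "user" field, so the entry must not start its
#   command with "root" (cron would try to run a program called "root");
# - cron's default PATH does not include /usr/sbin, so use the absolute path;
# - pipe into "crontab -" instead of a predictable /tmp file (symlink race),
#   and tolerate "no crontab for root";
# - do not append a duplicate entry when the script is re-run.
# Output is still discarded as before; failed refreshes are therefore silent,
# which is worth changing if you want to notice stale feeds.
update_ipsets_bin=$(command -v update-ipsets)
cron_entry="*/13 * * * * ${update_ipsets_bin} -s >/dev/null 2>&1"
existing_crontab=$(crontab -l 2>/dev/null || true)
if ! grep -qF -- "${update_ipsets_bin} -s" <<<"$existing_crontab"; then
  {
    [[ -n "$existing_crontab" ]] && printf '%s\n' "$existing_crontab"
    printf '%s\n' "$cron_entry"
  } | crontab -
fi

# Debian/Ubuntu ship /etc/default/firehol with START_FIREHOL=NO, which makes
# the init script refuse to start the firewall at boot even though
# "firehol restart" works right now. Flip it; no-op where the file is absent.
# TODO confirm on your distro/version.
if [[ -f /etc/default/firehol ]]; then
  sed -i 's/^START_FIREHOL=.*/START_FIREHOL=YES/' /etc/default/firehol
fi
update-rc.d firehol defaults
firehol restart

echo "firehol has been installed and the crontab is running every 13 minutes"
echo "We recommand you to close this session and to open a new one to prevent issues with the backspace"
echo "Thanks for using it, by Poli Systems"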