
Fireblock

Bash scripts to manage firewall rules & hosts file for blocking malware, phishing & malicious domains for a safer internet.

Getting Started

Clone the repository

git clone https://github.com/haikelfazzani/Fireblock
cd Fireblock

iptables and ipset installation (Debian/Ubuntu; run as root)

apt install ipset iptables netfilter-persistent ipset-persistent iptables-persistent

Commands

All scripts change system state (/etc/hosts, iptables rule set) and must be run as root.

Block websites by updating /etc/hosts:

bash hosts-file/index.sh

Update firewall rules for IP ranges:

bash firewall/block_range.sh

Update firewall rules for an IP list:

bash firewall/block_ips.sh

Apply the common firewall rules:

bash firewall/common-rules.sh

Update everything:

bash update-all.sh
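The scripts above take blocklists fetched from the internet and feed them into ipset and /etc/hosts. A feed is untrusted input: a malformed or hostile line must be rejected before it becomes an ipset entry or a hosts-file line. The following is an added example, not one of the Fireblock scripts, showing that validation step and how the result is handed to ipset restore and merged into a hosts file. The set name fireblock-v4, the "fireblock-managed" marker comments and the sample feed are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not part of the Fireblock scripts): turn an untrusted blocklist
# feed into "ipset restore" input and /etc/hosts entries, keeping only lines that
# parse as an IPv4 address or CIDR, or as a hostname. The set name, the marker
# comments and the sample feed are assumptions made for this example.

# Constructed sample feed, as a downloader might fetch it (two lines carry CRLF
# endings, as many feeds do). The rejected lines show what must never reach ipset
# or /etc/hosts: an octet above 255, a prefix length above 32, a shell
# metacharacter glued to a hostname, and a "name" containing spaces.
FEED=$(printf '# constructed sample feed\n198.51.100.7\n203.0.113.0/24\r\nevil.example\nphish.example.net\r\n300.1.1.1\n203.0.113.0/33\nevil.example;echo pwned\n   bad host name\n')

# Strip CR line endings, drop blank and comment lines, print the first field only.
feed_tokens() {
    awk '{ sub(/\r$/, "") }
         /^[[:space:]]*$/ { next }
         /^[[:space:]]*[#;]/ { next }
         { print $1 }'
}

# Keep only dotted-quad IPv4 addresses, optionally with a /0-32 prefix length.
valid_ipv4_lines() {
    feed_tokens | awk '{
        n = split($0, p, "/")
        if (n > 2) next
        if (n == 2 && (p[2] !~ /^[0-9][0-9]?$/ || p[2] + 0 > 32)) next
        if (split(p[1], o, ".") != 4) next
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9][0-9]?[0-9]?$/ || o[i] + 0 > 255) next
        print
    }'
}

# Keep only syntactically valid hostnames (labels of 1-63 characters, at least
# one dot); an all-numeric name is a bad IPv4 address, not a hostname.
valid_hostname_lines() {
    feed_tokens |
    grep -E '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)+$' |
    grep -Ev '^[0-9.]+$'
}

# Emit "ipset restore" input for the set named in $1 (feed on stdin). Load it with
#   ipset_restore_input fireblock-v4 < feed.txt | ipset -exist restore
# and reference the set from the firewall once:
#   iptables -I INPUT -m set --match-set fireblock-v4 src -j DROP
ipset_restore_input() {
    printf 'create %s hash:net family inet\n' "$1"
    valid_ipv4_lines | awk -v set="$1" '{ print "add " set " " $0 }'
}

# Rewrite a hosts file (stdin): everything outside the managed block is kept
# verbatim, the managed block is replaced by fresh 0.0.0.0 entries from the
# feed given in $1, so unrelated entries are never clobbered.
merge_hosts() {
    entries=$(printf '%s\n' "$1" | valid_hostname_lines | awk '{ print "0.0.0.0 " $0 }')
    awk -v entries="$entries" '
        /^# fireblock-managed begin$/ { skip = 1; next }
        /^# fireblock-managed end$/   { skip = 0; next }
        !skip { print }
        END {
            print "# fireblock-managed begin"
            print entries
            print "# fireblock-managed end"
        }'
}

# Demonstration on the constructed feed and a constructed current hosts file.
CURRENT_HOSTS=$(printf '127.0.0.1 localhost\n# fireblock-managed begin\n0.0.0.0 stale.example\n# fireblock-managed end\n')
printf '%s\n' "$FEED" | ipset_restore_input fireblock-v4
printf '%s\n' "$CURRENT_HOSTS" | merge_hosts "$FEED"
```

Only the validated lines survive: the two well-formed addresses become ipset entries and the two well-formed hostnames become hosts entries, while the stale entry inside the managed block is replaced and the localhost line outside it is untouched. Using a hash:net set with a single -m set rule keeps the iptables chain short no matter how many entries the feed holds.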

Some useful iptables rules

Drop packets with RFC 1918 (private) source addresses

These lines are in iptables-save format, as used in the rules file that iptables-persistent loads (/etc/iptables/rules.v4). They are meant for an interface facing the public internet, where a private source address can only be spoofed. As written they carry no -i match, so on a host that also sits on a private LAN they would drop that LAN's traffic; restrict them to the public interface with -i in that case.

-A INPUT -s 10.0.0.0/8 -j DROP
-A INPUT -s 172.16.0.0/12 -j DROP
-A INPUT -s 192.168.0.0/16 -j DROP

Outbound UDP flood protection

Outbound UDP is sent through the udp-flood chain, which lets through 50 packets per second (the default --limit-burst of 5 applies), then logs and drops whatever exceeds that rate. Raise the limit on hosts that legitimately send a lot of UDP (DNS resolvers, NTP, VoIP).

iptables -N udp-flood
iptables -A OUTPUT -p udp -j udp-flood
iptables -A udp-flood -p udp -m limit --limit 50/s -j RETURN
iptables -A udp-flood -j LOG --log-level 4 --log-prefix 'UDP-flood attempt: '
iptables -A udp-flood -j DROP

General inbound flood protection

This variant reuses the chain name udp-flood; iptables -N fails if the chain already exists, so use either this block or the previous one, or rename the chain. The last rule also drops second and further IPv4 fragments (-f) arriving on eth0; replace eth0 with the host's actual interface name.

iptables -N udp-flood
iptables -A udp-flood -m limit --limit 4/second --limit-burst 4 -j RETURN
iptables -A udp-flood -j DROP
iptables -A INPUT -i eth0 -p udp -j udp-flood
iptables -A INPUT -i eth0 -f -j DROP

Prevent DNS amplification (rate-limit inbound DNS queries)

Inbound UDP/53 is sent through the DNSAMPLY chain, which accepts up to 30 queries per minute (burst 10) per source /24 and drops the rest. This only matters on hosts that run a DNS server; a resolver should additionally be restricted to the networks it serves.

iptables -N DNSAMPLY
# Hook the chain into INPUT; without this the chain is never consulted.
iptables -A INPUT -p udp --dport 53 -j DNSAMPLY
# Do not put an unconditional ACCEPT for -m state --state NEW ahead of this rule:
# each query from a fresh source port is a NEW flow, so that would bypass the throttle.
iptables -A DNSAMPLY -p udp -m hashlimit --hashlimit-srcmask 24 --hashlimit-mode srcip --hashlimit-upto 30/m --hashlimit-burst 10 --hashlimit-name DNSTHROTTLE --dport 53 -j ACCEPT
iptables -A DNSAMPLY -p udp -m udp --dport 53 -j DROP

Contributing

We welcome contributions to improve and expand this project. Feel free to submit pull requests for bug fixes, feature enhancements, or additional security measures.

Notes

Read more

License

Apache 2.0