This How To shows the use of Packet Filter firewall in order to block ips thanks to a blacklist file, as PeerBlock does under Windows. Packet Filter has better performances than Netfilter.
We can download list from www.iblocklist.com. For example download the PrimaryThreats here. We need to unzip and format the file to make it work with Packet Filter.
# wget "URLtomyremotelist" -O list.zip
# unzip file.zip
Fr
cut -d ":" -f2 list.txt | grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" > blocklist.tmp
sed -i 's/-/:/' blocklist.tmp
for i in $(cat blocklist.tmp); do echo "$i"; ipcalc -r "$i"| grep "/" >> blocklist; done
set limit table-entries 1000000
table <blocklist> persist file "/etc/blocklist"
pass out on $wan
pass in quick on $lan inet proto tcp from 192.168.1.10 to any port { 80, 443 }
block quick log (all, to pflog0) on any from <blocklist> to 192.168.1.10
block quick log (all, to pflog1) on any from 192.168.1.10 to <blocklist>
Contact :
