This how-to shows how to use the Packet Filter (PF) firewall to block IP addresses from a blacklist file, as PeerBlock does on Windows. Packet Filter performs better than Netfilter.
We can download a list from www.iblocklist.com, for example the PrimaryThreats list. The file must be unzipped and reformatted before Packet Filter can use it: the commands below keep the address range from each line of the list, rewrite the range separator, and deaggregate each range into CIDR prefixes with ipcalc; the result is the table file that PF loads.
# wget "URLtomyremotelist" -O list.zip
# unzip list.zip
# cut -d ":" -f2 list.txt | grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" > blocklist.tmp
# sed -i 's/-/:/' blocklist.tmp
# for i in $(cat blocklist.tmp); do echo "$i"; ipcalc -r "$i" | grep "/" >> blocklist; done
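As an added example (not part of the original how-to), the same range-to-CIDR conversion done with Python's standard ipaddress module instead of cut, sed and ipcalc: it parses the iblocklist P2P format ("description:start-end"), skips comments and malformed lines, and, unlike cut -f2, tolerates colons inside the description field. The sample list and the function names are my own constructions.

```python
#!/usr/bin/env python3
"""Convert an iblocklist-style P2P range list into CIDR prefixes for a PF table file."""
import ipaddress
import re

# Constructed sample in the P2P "description:start-end" format (not real blocklist data).
SAMPLE_LIST = """\
# comment line that must be skipped
Example range one:10.0.0.0-10.0.0.255
Example range two:192.0.2.5-192.0.2.20
Single host:198.51.100.7-198.51.100.7
bogus entry without a range
Colons:in:name:203.0.113.128-203.0.113.255
"""

# Greedy name group so that colons inside the description do not break parsing.
RANGE_RE = re.compile(
    r"^(?P<name>.*):(?P<start>\d{1,3}(?:\.\d{1,3}){3})-(?P<end>\d{1,3}(?:\.\d{1,3}){3})$"
)


def parse_p2p_line(line):
    """Return (name, start, end) or None for blank, comment, malformed or reversed lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    m = RANGE_RE.match(line)
    if not m:
        return None
    try:
        start = ipaddress.IPv4Address(m.group("start"))
        end = ipaddress.IPv4Address(m.group("end"))
    except ipaddress.AddressValueError:  # e.g. an octet above 255
        return None
    if end < start:
        return None
    return m.group("name"), start, end


def ranges_to_cidrs(text):
    """Deaggregate every valid range into the minimal list of CIDR prefixes, in file order."""
    cidrs = []
    for line in text.splitlines():
        parsed = parse_p2p_line(line)
        if parsed is None:
            continue
        _, start, end = parsed
        cidrs.extend(str(net) for net in ipaddress.summarize_address_range(start, end))
    return cidrs


def write_pf_table(text, path):
    """Write one prefix per line, the format PF expects for 'table <x> file'."""
    with open(path, "w") as fh:
        fh.write("\n".join(ranges_to_cidrs(text)) + "\n")


if __name__ == "__main__":
    print("\n".join(ranges_to_cidrs(SAMPLE_LIST)))
```

Running it on a real list is write_pf_table(open("list.txt").read(), "/etc/blocklist") followed by pfctl -t blocklist -T replace -f /etc/blocklist.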
# Raise the table size limit; the default is far below what a full blocklist needs
set limit table-entries 1000000
# Load the CIDR list generated above; "persist" keeps the table even when no rule references it
table <blocklist> persist file "/etc/blocklist"
# $wan and $lan must be defined as interface macros earlier in pf.conf
pass out on $wan
# Because this rule is "quick" and precedes the block rules, web traffic from 192.168.1.10
# to blocklisted hosts on ports 80 and 443 is still allowed
pass in quick on $lan inet proto tcp from 192.168.1.10 to any port { 80, 443 }
# Log blocked traffic in each direction to its own pflog interface
# (pflog1 must exist first, e.g. ifconfig pflog1 create)
block quick log (all, to pflog0) on any from <blocklist> to 192.168.1.10
block quick log (all, to pflog1) on any from 192.168.1.10 to <blocklist>