How to Connect the CleanTalk IPSet Spam IP BlackLists Database to IPtables
Our Blacklists Database users have access to offline spam bases according to their packets. On the Blacklists Database Dashboard, there is an offline files section. You can find it here. Scroll down or select Offline files from the navigation menu:
Use these credentials to download offline files:
If you want to use our IP spam database for IPtables you need to do the following:
1. Install IPset packet.
For Debian: apt-get install ipset
For Redhat: yum install ipset -y
2. Check if you have a CURL with SFTP support installed:
curl -V | grep sftp -o
Download missing libraries.
3. Download CleanTalk scripts.
4. Make a folder for the .conf file and lists:
mkdir -p /etc/ipset-blacklist
and copy ipset-blacklist.conf file from downloaded archive to this fodder.
5. Copy update-blacklist.sh file from downloaded archive to /usr/local/sbin.
Make it executable: chmod +x /usr/local/sbin/update-blacklist.sh
6. Enter your SFTP credentials to ipset-blacklist.conf:
7. Run the script:
The script creates a list for IPtables: ip-blacklist.restore
8. To connect the list run:
ipset restore < /etc/ipset-blacklist/ip-blacklist.restore
iptables -I INPUT 1 -m set --match-set blacklist src -j DROP
9. For automatic updates please add to cron these lines:
33 23 * * * root /usr/local/sbin/update-blacklist.sh /etc/ipset-blacklist/ipset-blacklist.conf
You can check the results:
iptables -L INPUT -v --line-numbers