| src/abuseipdb_fetcher | ||
| .gitignore | ||
| .isort.cfg | ||
| config.ini.sample | ||
| LICENSE | ||
| pyproject.toml | ||
| README.md | ||
| requirements.txt | ||
This tool fetches blocked IPs from AbuseIPdb and generates a list from it to be used by FreeBSD's pf tables.
It will exclude IP addresses you put into the whitelisted CIDRs list, see config.ini.sample.
Copy config.ini.sample to a place and edit it to your needs. Then, use this tool's command line (abuseipdb-fetcher -h) to see the options. Basically, fetch fetches the host lists, parse compiles the list for pf from the previously downloaded list.
parse will exit with a non-zero exit code if there are no updates.
A basic updater script looks like this (uses a previously installed virtualenv):
#!/usr/bin/env sh
MY_DIR=$(cd $(dirname $(readlink -f $0));pwd)
cd "$MY_DIR"
set -ex
./venv/bin/abuseipdb-fetcher -c config.ini fetch
./venv/bin/abuseipdb-fetcher -c config.ini parse
pfctl -f /etc/pf.conf -t abuseipdb -T load
If you handle a lot of hosts, you might need to raise the limits on the hosts able to be stored by pf's tables:
set limit table-entries 1000000 # 1 million max entries per table
Based on your subscription type, here's the limits the API will serve: