LinuxQuestions.org
Old 07-12-2009, 05:27 PM   #1
DBabo
Member
 
Registered: Feb 2003
Distribution: Fedora {latest}
Posts: 568

Rep: Reputation: 40
Iptables and blacklists integration


I'm thinking of integrating iptables with the lists from iblocklist.com.
The objective is to load a few lists every week and integrate them into iptables.

Has anyone done this - pros and cons, please?
Thank you.
 
Old 07-12-2009, 06:32 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Given the notices and warnings posted and from looking at 0, 1, 2 memberlists I think you best stay away from those: list 2 is empty and the criteria for listing IPs is all but professional. The others don't list criteria either and mix ranges with FQDNs. As far as the other lists are concerned they might serve a purpose but blocking IP addresses or ranges is rather crude. It doesn't address filtering for common problems like proxy regexes could do efficiently. If I would ponder using those blocklists I'd get a few months' worth of data, grep for listed domains and let that determine if the list effectiveness is worth the performance hit.

Last edited by unSpawn; 07-13-2009 at 05:45 AM. Reason: //typo
 
Old 07-12-2009, 08:52 PM   #3
DBabo
Member
 
Registered: Feb 2003
Distribution: Fedora {latest}
Posts: 568

Original Poster
Rep: Reputation: 40
How about their Level 1 and Level 2?
I've been using PeerGuardian (on MS) for quite some time and, though I can't be 100% sure, its lists seemed to be doing their job. So I just want to have a similar level of "protection" on Linux...
 
Old 07-13-2009, 07:01 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
If the idea they "seem" to work is good enough for you then by all means use those lists. I hope there's a script that'll take care of checking lists, resolving domain names and adding IP addresses and ranges.
 
Old 07-13-2009, 11:14 AM   #5
DBabo
Member
 
Registered: Feb 2003
Distribution: Fedora {latest}
Posts: 568

Original Poster
Rep: Reputation: 40
Quote:
Originally Posted by unSpawn
If the idea they "seem" to work is good enough for you then by all means use those lists. I hope there's a script that'll take care of checking lists, resolving domain names and adding IP addresses and ranges.
Well, I just put it this way - I don't know any better ways. Do you?
// "don't do p2p" idea - doesn't count
 
Old 07-13-2009, 11:49 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Without measuring the effectiveness, and even if the site fully admits to not being up to date or checking any errors, lists that do overly broad blocking without objective criteria may put your network connectivity at risk and unnecessarily so. I mean for whom exactly is the "Portsmouth Municipal Court" a "Primary Threat" FCOL? And exactly what is the delay? Some you better get from the official sources like Dshield: http://www.dshield.org/ipsascii.html (note how it reads "# DO NOT USE AS BLOCKLIST"?) and IANA LAN-range, bogon and such lists you can get without delay from http://www.cymru.com/Documents/bogon-bn-nonagg.txt. For the rest, and since you're enamoured with PeerGuardian usage already, I doubt any criteria matter.
 
Old 07-13-2009, 12:07 PM   #7
DBabo
Member
 
Registered: Feb 2003
Distribution: Fedora {latest}
Posts: 568

Original Poster
Rep: Reputation: 40
Thank you for the information and education.
I'm not sure how lists (any lists for that matter) can be measured. I do know that I have not received THE email from my ISP since I started using the PG. Does it mean that I'm 100% safe? Surely no. But, agree, it's better than nothing. If I knew better - I would surely execute it.

So your advice - get the dshield and cymru lists and don't bother with the ilists?
 
Old 07-13-2009, 12:46 PM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by DBabo
I'm not sure how lists (any lists for that matter) can be measured.
Netstat lists network connections, iptables allows you to set -j LOG rules, some applications can log network addresses, and some files may contain IP addresses (.torrent files: trackers, DHT addresses). Checking for log rule matches and matching logged network addresses against those lists could show.


Quote:
Originally Posted by DBabo
So your advice - get the dshield and cymru lists and don't bother with the ilists?
My advice would be to get as many lists from the official source as possible and to avoid the lists created by members. The rest I may have an opinion about that does not necessarily agree with yours.
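
The measurement described in the post above, as an added example that is not part of the original thread: it parses kernel log lines of the kind an iptables `-j LOG` rule writes, matches the logged source addresses against a blocklist, and reports which entries matched, how many addresses were unlisted, and how many entries never matched. The log lines, the list contents and the list entry formats (CIDR, `start-end` range, FQDN) are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed, abbreviated sample of lines an iptables "-j LOG" rule writes.
SAMPLE_LOG = """\
Jul 13 12:46:01 gw kernel: CHK: IN=eth0 OUT= SRC=192.0.2.77 DST=203.0.113.5 PROTO=TCP SPT=51234 DPT=6881
Jul 13 12:46:09 gw kernel: CHK: IN=eth0 OUT= SRC=198.51.100.20 DST=203.0.113.5 PROTO=TCP SPT=40000 DPT=6881
Jul 13 12:47:30 gw kernel: CHK: IN=eth0 OUT= SRC=192.0.2.200 DST=203.0.113.5 PROTO=UDP SPT=6881 DPT=6881
Jul 13 12:48:02 gw kernel: CHK: IN=eth0 OUT= SRC=10.1.2.3 DST=203.0.113.5 PROTO=TCP SPT=1025 DPT=22
"""
# Constructed list mixing CIDRs, a start-end range and an FQDN (formats are assumptions).
SAMPLE_LIST = """\
# comment
192.0.2.0/25
192.0.2.192-192.0.2.223
10.0.0.0/8
172.16.0.0/12
tracker.example.org
"""
SRC_RE = re.compile(r"\bSRC=(\d{1,3}(?:\.\d{1,3}){3})\b")

def parse_blocklist(text):
    """Turn CIDR and start-end entries into networks; report everything else."""
    networks, skipped = [], []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            if "-" in entry and "/" not in entry:
                first, last = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
                networks.extend(ipaddress.summarize_address_range(first, last))
            else:
                networks.append(ipaddress.ip_network(entry, strict=False))
        except (ValueError, TypeError):
            skipped.append(entry)  # e.g. FQDNs: not resolved here, only reported
    return networks, skipped

def measure(log_text, networks):
    """Count logged source addresses per list entry and entries that never matched."""
    hits, unlisted = Counter(), 0
    for ip in map(ipaddress.ip_address, SRC_RE.findall(log_text)):
        match = next((n for n in networks if ip in n), None)
        if match is None:
            unlisted += 1
        else:
            hits[str(match)] += 1
    return {"hits": dict(hits), "unlisted": unlisted, "unused": len(networks) - len(hits)}

if __name__ == "__main__":
    nets, skipped = parse_blocklist(SAMPLE_LIST)
    print(measure(SAMPLE_LOG, nets), "skipped:", skipped)
```

Run over a few months of real log data, a large `unused` count against few `hits` is the signal that a list costs more in rule-matching overhead than it returns.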
 
Old 07-27-2009, 10:26 PM   #9
DBabo
Member
 
Registered: Feb 2003
Distribution: Fedora {latest}
Posts: 568

Original Poster
Rep: Reputation: 40
Quote:
Originally Posted by unSpawn
Netstat lists network connections, iptables allows you to set -j LOG rules, some applications can log network addresses, and some files may contain IP addresses (.torrent files: trackers, DHT addresses). Checking for log rule matches and matching logged network addresses against those lists could show.

My advice would be to get as many lists from the official source as possible and to avoid the lists created by members. The rest I may have an opinion about that does not necessarily agree with yours.
OK, I probably will get a break in a month and will have a day to play with it. Thank you!
 
  

