openwrt-packages-dist/net/banip/files/banip.sources

{
	"asn": {
		"url_4": "https://asn.ipinfo.app/api/text/list/",
		"url_6": "https://asn.ipinfo.app/api/text/list/",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add asn_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add asn_6 \"$1}",
		"focus": "ASN blocks",
		"descurl": "https://asn.ipinfo.app"
	},
	"bogon": {
		"url_4": "https://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt",
		"url_6": "https://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add bogon_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add bogon_6 \"$1}",
		"focus": "Bogon prefixes",
		"descurl": "https://team-cymru.com"
	},
	"country": {
		"url_4": "https://www.ipdeny.com/ipblocks/data/aggregated/",
		"url_6": "https://www.ipdeny.com/ipv6/ipaddresses/aggregated/",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add country_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add country_6 \"$1}",
		"focus": "Country blocks",
		"descurl": "https://www.ipdeny.com/ipblocks"
	},
	"darklist": {
		"url_4": "https://darklist.de/raw.php",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add darklist_4 \"$1}",
		"focus": "Blocks suspicious attacker IPs",
		"descurl": "https://darklist.de"
	},
	"debl": {
		"url_4": "https://www.blocklist.de/downloads/export-ips_all.txt",
		"url_6": "https://www.blocklist.de/downloads/export-ips_all.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add debl_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add debl_6 \"$1}",
		"focus": "Fail2ban IP blacklist",
		"descurl": "https://www.blocklist.de"
	},
	"doh": {
		"url_4": "https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv4.txt",
		"url_6": "https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv6.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add doh_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add doh_6 \"$1}",
		"focus": "Public DoH-Provider",
		"descurl": "https://github.com/dibdot/DoH-IP-blocklists"
	},
	"drop": {
		"url_4": "https://www.spamhaus.org/drop/drop.txt",
		"url_6": "https://www.spamhaus.org/drop/dropv6.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add drop_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add drop_6 \"$1}",
		"focus": "Spamhaus drop compilation",
		"descurl": "https://www.spamhaus.org"
	},
	"dshield": {
		"url_4": "https://feeds.dshield.org/block.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add dshield_4 \"$1 \"/\"$3}",
		"focus": "Dshield IP blocklist",
		"descurl": "https://www.dshield.org"
	},
	"edrop": {
		"url_4": "https://www.spamhaus.org/drop/edrop.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add edrop_4 \"$1}",
		"focus": "Spamhaus edrop compilation",
		"descurl": "https://www.spamhaus.org"
	},
	"feodo": {
		"url_4": "https://feodotracker.abuse.ch/downloads/ipblocklist.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add feodo_4 \"$1}",
		"focus": "Feodo Tracker",
		"descurl": "https://feodotracker.abuse.ch"
	},
	"firehol1": {
		"url_4": "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add firehol1_4 \"$1}",
		"focus": "Firehol Level 1 compilation",
		"descurl": "https://iplists.firehol.org/?ipset=firehol_level1"
	},
	"firehol2": {
		"url_4": "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add firehol2_4 \"$1}",
		"focus": "Firehol Level 2 compilation",
		"descurl": "https://iplists.firehol.org/?ipset=firehol_level2"
	},
	"firehol3": {
		"url_4": "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add firehol3_4 \"$1}",
		"focus": "Firehol Level 3 compilation",
		"descurl": "https://iplists.firehol.org/?ipset=firehol_level3"
	},
	"firehol4": {
		"url_4": "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add firehol4_4 \"$1}",
		"focus": "Firehol Level 4 compilation",
		"descurl": "https://iplists.firehol.org/?ipset=firehol_level4"
	},
	"greensnow": {
		"url_4": "https://blocklist.greensnow.co/greensnow.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add greensnow_4 \"$1}",
		"focus": "Blocks suspicious server IPs",
		"descurl": "https://greensnow.co"
	},
	"iblockads": {
		"url_4": "https://list.iblocklist.com/?list=dgxtneitpuvgqqcpfulq&fileformat=cidr&archiveformat=gz",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add iblockads_4 \"$1}",
		"focus": "Advertising blocklist",
		"descurl": "https://www.iblocklist.com",
		"comp": "gz"
	},
	"iblockspy": {
		"url_4": "https://list.iblocklist.com/?list=llvtlsjyoyiczbkjsxpf&fileformat=cidr&archiveformat=gz",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add iblockspy_4 \"$1}",
		"focus": "Malicious spyware blocklist",
		"descurl": "https://www.iblocklist.com",
		"comp": "gz"
	},
	"myip": {
		"url_4": "https://myip.ms/files/blacklist/general/latest_blacklist.txt",
		"url_6": "https://myip.ms/files/blacklist/general/latest_blacklist.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add myip_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add myip_6 \"$1}",
		"focus": "Myip Live IP blacklist",
		"descurl": "https://myip.ms"
	},
	"nixspam": {
		"url_4": "http://www.dnsbl.manitu.net/download/nixspam-ip.dump.gz",
		"rule_4": "/(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add nixspam_4 \"$2}",
		"focus": "iX spam protection",
		"descurl": "http://www.nixspam.org",
		"comp": "gz"
	},
	"proxy": {
		"url_4": "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/proxylists.ipset",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add proxy_4 \"$1}",
		"focus": "Firehol list of open proxies",
		"descurl": "https://iplists.firehol.org/?ipset=proxylists"
	},
	"sslbl": {
		"url_4": "https://sslbl.abuse.ch/blacklist/sslipblacklist.csv",
		"rule_4": "BEGIN{FS=\",\"}/(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)/{print \"add sslbl_4 \"$2}",
		"focus": "SSL botnet IP blacklist",
		"descurl": "https://sslbl.abuse.ch"
	},
	"talos": {
		"url_4": "https://www.talosintelligence.com/documents/ip-blacklist",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add talos_4 \"$1}",
		"focus": "Cisco Talos IP Blacklist",
		"descurl": "https://talosintelligence.com/reputation_center"
	},
	"threat": {
		"url_4": "https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add threat_4 \"$1}",
		"focus": "Emerging Threats",
		"descurl": "https://rules.emergingthreats.net"
	},
	"tor": {
		"url_4": "https://lists.fissionrelays.net/tor/exits-ipv4.txt",
		"url_6": "https://lists.fissionrelays.net/tor/exits-ipv6.txt",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add tor_4 \"$1}",
		"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{print \"add tor_6 \"$1}",
		"focus": "Tor exit nodes",
		"descurl": "https://fissionrelays.net/lists"
	},
	"uceprotect1": {
		"url_4": "http://wget-mirrors.uceprotect.net/rbldnsd-all/dnsbl-1.uceprotect.net.gz",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)$/{print \"add uceprotect1_4 \"$1}",
		"focus": "Spam protection level 1",
		"descurl": "http://www.uceprotect.net/en/index.php",
		"comp": "gz"
	},
	"uceprotect2": {
		"url_4": "http://wget-mirrors.uceprotect.net/rbldnsd-all/dnsbl-2.uceprotect.net.gz",
		"rule_4": "BEGIN{IGNORECASE=1}/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]+NET[[:space:]]+)/{print \"add uceprotect2_4 \"$1}",
		"focus": "Spam protection level 2",
		"descurl": "http://www.uceprotect.net/en/index.php",
		"comp": "gz"
	},
	"voip": {
		"url_4": "http://www.voipbl.org/update/",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add voip_4 \"$1}",
		"focus": "VoIP fraud blocklist",
		"descurl": "http://www.voipbl.org"
	},
	"yoyo": {
		"url_4": "https://pgl.yoyo.org/adservers/iplist.php?ipformat=plain&showintro=0&mimetype=plaintext",
		"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print \"add yoyo_4 \"$1}",
		"focus": "Ad protection blacklist",
		"descurl": "https://pgl.yoyo.org/adservers/"
	}
}