config banip 'global' option ban_enabled '0' option ban_basever '0.3' option ban_automatic '1' option ban_realtime 'false' config banip 'extra' option ban_debug '0' option ban_maxqueue '4' config source 'whitelist' option ban_src '/etc/banip/banip.whitelist' option ban_src_6 '/etc/banip/banip.whitelist' option ban_src_desc 'Always allow these IPs (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add whitelist \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add whitelist_6 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src+dst' option ban_src_on '1' option ban_src_on_6 '0' config source 'blacklist' option ban_src '/etc/banip/banip.blacklist' option ban_src_6 '/etc/banip/banip.blacklist' option ban_src_desc 'Always deny these IPs (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add blacklist \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add blacklist_6 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src+dst' option ban_src_on '0' option ban_src_on_6 '0' config source 'bogon' option ban_src 'https://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt' option ban_src_6 'https://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt' option ban_src_desc 'Bogon prefixes, plus prefixes that have been allocated to RIRs but not yet assigned to ISPs (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add bogon \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add bogon_6 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src+dst' option ban_src_on '0' option ban_src_on_6 '0' config source 'DoH' option ban_src 'https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv4.txt' option ban_src_6 'https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv6.txt' option ban_src_desc 'List of public DoH providers (DNS over HTTPS) (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add DoH \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add DoH_6 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src+dst' option ban_src_on '0' option ban_src_on_6 '0' config source 'tor' option ban_src 'https://check.torproject.org/exit-addresses' option ban_src_desc 'List of Tor Exit Nodes (IPv4)' option ban_src_rset '/^(ExitAddress ([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add tor \"\$2}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' option ban_src_on_6 '0' config source 'threat' option ban_src 'https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt' option ban_src_desc 'Emerging Threats (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add threat \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'debl' option ban_src 'https://www.blocklist.de/downloads/export-ips_all.txt' option ban_src_6 'https://www.blocklist.de/downloads/export-ips_all.txt' option ban_src_desc 'Fail2ban reporting service (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add debl \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add debl_6 \"\$1}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' option ban_src_on_6 '0' config source 'myip' option ban_src 'https://www.myip.ms/files/blacklist/general/latest_blacklist.txt' option ban_src_6 'https://www.myip.ms/files/blacklist/general/latest_blacklist.txt' option ban_src_desc 'IP blacklist provided by myip.ms (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add myip \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add myip_6 \"\$1}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' option ban_src_on_6 '0' config source 'yoyo' option ban_src 'https://pgl.yoyo.org/adservers/iplist.php?ipformat=plain&showintro=0&mimetype=plaintext' option ban_src_desc 'IP blocklist provided by Peter Lowe (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add yoyo \"\$1}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' config source 'sslbl' option ban_src 'https://sslbl.abuse.ch/blacklist/sslipblacklist.csv' option ban_src_desc 'SSL Blacklist by abuse.ch (IPv4)' option ban_src_rset 'BEGIN{FS=\",\"}/(([0-9]{1,3}\.){3}[0-9]{1,3},).*/{print \"add sslbl \"\$2}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' config source 'ransomware' option ban_src 'https://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt' option ban_src_desc 'Ransomware Tracker by abuse.ch (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add ransomware \"\$1}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' config source 'feodo' option ban_src 'https://feodotracker.abuse.ch/downloads/ipblocklist.txt' option ban_src_desc 'Feodo Tracker by abuse.ch (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add feodo \"\$1}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' config source 'dshield' option ban_src 'https://feeds.dshield.org/block.txt' option ban_src_desc 'Dshield recommended IP blocklist. Contains top 20 attacking class C subnets (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add dshield \"\$1 \"/\"\$3}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'proxy' option ban_src 'https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/proxylists.ipset' option ban_src_desc 'List of Open Proxies (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add proxy \"\$1}' option ban_src_settype 'ip' option ban_src_ruletype 'src' option ban_src_on '0' config source 'iblocklist' option ban_src 'https://list.iblocklist.com/?list=dgxtneitpuvgqqcpfulq&fileformat=cidr&archiveformat=gz' option ban_src_desc 'Contains advertising trackers and a short list of bad/intrusive porn sites (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add iblocklist \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'drop' option ban_src 'https://www.spamhaus.org/drop/drop.txt' option ban_src_6 'https://www.spamhaus.org/drop/dropv6.txt' option ban_src_desc 'Spamhaus drop compilation (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add drop \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add drop_6 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' option ban_src_on_6 '0' config source 'edrop' option ban_src 'https://www.spamhaus.org/drop/edrop.txt' option ban_src_desc 'Spamhaus edrop compilation (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add edrop \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'firehol1' option ban_src 'https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset' option ban_src_desc 'Firehol Level 1 compilation. Contains bogons, spamhaus drop and edrop, dshield and malware lists (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add firehol1 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'firehol2' option ban_src 'https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset' option ban_src_desc 'Firehol Level 2 compilation. Contains blocklists that track attacks, during the last 48 hours (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add firehol2 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'firehol3' option ban_src 'https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset' option ban_src_desc 'Firehol Level 3 compilation. Contains blocklists that track attacks, spyware and viruses (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add firehol3 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'firehol4' option ban_src 'https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset' option ban_src_desc 'Firehol Level 4 compilation. May include a large number of false positives (IPv4)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add firehol4 \"\$1}' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' config source 'country' option ban_src 'https://stat.ripe.net/data/country-resource-list/data.json?resource=' option ban_src_6 'https://stat.ripe.net/data/country-resource-list/data.json?resource=' option ban_src_desc 'Build a dynamic IPSet by country iso codes based on RIPE data (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add country \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add country_6 \"\$1}' list ban_src_cat 'de' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' option ban_src_on_6 '0' config source 'asn' option ban_src 'https://stat.ripe.net/data/announced-prefixes/data.json?resource=' option ban_src_6 'https://stat.ripe.net/data/announced-prefixes/data.json?resource=' option ban_src_desc 'Build a dynamic IPSet by ASN numbers based on RIPE data (IPv4/IPv6)' option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3}(\/[0-9]{1,2})?)([[:space:]]|$)/{print \"add asn \"\$1}' option ban_src_rset_6 '/^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}(:\/[0-9]{1,2})?([[:space:]]|$)/{print \"add asn_6 \"\$1}' list ban_src_cat '32934' option ban_src_settype 'net' option ban_src_ruletype 'src' option ban_src_on '0' option ban_src_on_6 '0'