Example Usage
# our wan interface
wan="dsl0"
# our whitelist
ipset4 create whitelist hash:net
ipset4 add whitelist A.B.C.D/E # A.B.C.D/E is whitelisted
# subnets - netsets
for x in fullbogons dshield spamhaus_drop spamhaus_edrop
do
ipset4 create ${x} hash:net
ipset4 addfile ${x} ipsets/${x}.netset
blacklist4 full inface "${wan}" log "BLACKLIST ${x^^}" ipset:${x} \
except src ipset:whitelist
done
# individual IPs - ipsets
for x in feodo palevo sslbl zeus openbl blocklist_de
do
ipset4 create ${x} hash:ip
ipset4 addfile ${x} ipsets/${x}.ipset
blacklist4 full inface "${wan}" log "BLACKLIST ${x^^}" ipset:${x} \
except src ipset:whitelist
done
... rest of firehol.conf ...
See also
WADComs.github.io
Open Source
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and the…
ad-privileged-audit
Free
Provides various Windows Server Active Directory (AD) security-focused reports.…
GTFOBins
Open Source
Curated list of Unix binaries that can be used to bypass local security restrictions. Shows how to a…
Ncat
Open Source
Kali
Feature-packed reimplementation of Netcat from the Nmap project. Adds SSL/TLS support, connection br…
Ravage
Open Source
Ravage Framework - Powershell weaponized for offensive security professionals.…
Chisel
Open Source
Kali
Fast TCP/UDP tunnel transported over HTTP and secured via SSH. Used for port forwarding and pivoting…