Updated README.md with short scripts descriptions (#23)

* Add nftables support with config generator and IP checker - Add generate_nft_blacklist.py for generating nftables configurations - Add check_nft_blacklist.py for verifying IPs against blacklist - Add blacklists_updater_nftables.sh for automated updates - Add blacklists_nftables/ directory with generated configs - Add GitHub Actions workflow for daily nftables updates - Update README.md with nftables usage instructions nftables is a modern replacement for iptables with better performance and lower memory usage, especially for large rulesets. This addition complements the existing iptables and nginx blacklist formats. * Added nftables scripts help * Updated README.md
2026-01-24 15:06:17 +03:00 · 2026-01-12 14:13:38 +03:00
parent 534e1a46f1
commit a7c8414d08
5 changed files with 39 additions and 4 deletions
--- a/.github/workflows/update_nftables.yml
+++ b/.github/workflows/update_nftables.yml
@@ -0,0 +1,33 @@
+name: Update nftables Blacklists
+
+on:
+  schedule:
+    - cron: '30 2 * * *'  # Daily at 02:30 UTC
+  workflow_dispatch:
+
+jobs:
+  update-nftables:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.x'
+        
+    - name: Generate nftables blacklists
+      run: |
+        chmod +x blacklists_updater_nftables.sh
+        ./blacklists_updater_nftables.sh
+        
+    - name: Commit and push if changed
+      run: |
+        git config --local user.email "github-actions[bot]@users.noreply.github.com"
+        git config --local user.name "github-actions[bot]"
+        git add blacklists_nftables/
+        git diff --quiet && git diff --staged --quiet || \
+          (git commit -m "Auto-update nftables blacklists [skip ci]" && git push)
+
--- a/README.md
+++ b/README.md
@@ -20,6 +20,8 @@ This repository contains Python scripts that allow you to retrieve network lists
 - `get_info_from_ripe.py`: Retrieves information about Russian AS numbers and Networks from RIPE database for the further analysis.
 - `get_description.py`: Retrieves network names, AS names and organisation names from RIPE. Updates the lists in the folder `auto/`.
 - `parse_ripe_db.py`: Parses the whole RIPE database to get information about Networks for the further analysis.
+- `generate_nft_blacklist.py`: Takes text blacklist on the input and generates nftables config with sets.
+- `check_nft_blacklist.py`: Checks IPv4/IPv6 address against generated nftables config.

 ### Blacklist Generators

--- a/blacklists_nftables/blacklist-v4.nft
+++ b/blacklists_nftables/blacklist-v4.nft
@@ -1,5 +1,5 @@
 # Autogenerated nftables blacklist
-# Generated: 2026-01-12T10:00:52.332355Z
+# Generated: 2026-01-12T09:09:01.967693Z
 # Source: /tmp/blacklist-v4.txt
 # IPv4: 816, IPv6: 0

--- a/blacklists_nftables/blacklist-v6.nft
+++ b/blacklists_nftables/blacklist-v6.nft
@@ -1,5 +1,5 @@
 # Autogenerated nftables blacklist
-# Generated: 2026-01-12T10:00:52.366124Z
+# Generated: 2026-01-12T09:09:02.010763Z
 # Source: /tmp/blacklist-v6.txt
 # IPv4: 0, IPv6: 17

--- a/blacklists_nftables/blacklist.nft
+++ b/blacklists_nftables/blacklist.nft
@@ -1,6 +1,6 @@
 # Autogenerated nftables blacklist
-# Generated: 2026-01-12T10:00:52.283144Z
-# Source: /home/runner/work/AS_Network_List/AS_Network_List/blacklists/blacklist.txt
+# Generated: 2026-01-12T09:09:01.912886Z
+# Source: /home/user/AS_Network_List/blacklists/blacklist.txt
 # IPv4: 816, IPv6: 17

 table inet filter {