mirror of
https://github.com/C24Be/AS_Network_List.git
synced 2026-03-30 06:08:50 +03:00
39 lines
1.0 KiB
Plaintext
39 lines
1.0 KiB
Plaintext
# Autogenerated nftables blacklist
|
|
# Generated: 2026-03-28T06:52:02.624381Z
|
|
# Source: /tmp/blacklist-v6.txt
|
|
# IPv4: 0, IPv6: 12
|
|
#
|
|
# Usage:
|
|
# sudo nft -f <this-file>
|
|
# # VM protection from incoming blacklist sources
|
|
# sudo nft add chain inet filter input '{ type filter hook input priority 0; policy accept; }'
|
|
# sudo nft add rule inet filter input ip saddr @blacklist_v4 counter reject
|
|
# sudo nft add rule inet filter input ip6 saddr @blacklist_v6 counter reject
|
|
|
|
table inet filter {
|
|
|
|
set blacklist_v4 {
|
|
type ipv4_addr
|
|
flags interval
|
|
}
|
|
|
|
set blacklist_v6 {
|
|
type ipv6_addr
|
|
flags interval
|
|
elements = {
|
|
2a00:bdc0::/33,
|
|
2a00:bdc0:8000::/34,
|
|
2a00:bdc0:c000::/35,
|
|
2a00:bdc0:e002::/47,
|
|
2a00:bdc0:e004::/47,
|
|
2a00:bdc0:e007::/48,
|
|
2a00:bdc0:f000::/36,
|
|
2a00:bdc1::/32,
|
|
2a00:bdc2::/31,
|
|
2a00:bdc4::/30,
|
|
2a14:25c5::/32,
|
|
2a14:25c7::/32
|
|
}
|
|
}
|
|
|
|
} |