wagesj45/wagenet-ip-ban-list
wagesj45/wagenet-ip-ban-list
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wagenet-ip-ban-list/README.md
wagesj45 0f99f1e2cb Removed actual IPs from examples. 
Because they might turn good again someday. No need to put them on blast.
2025-08-17 00:22:33 -05:00

53 lines
2.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# WageNet IP Ban List
A small repository that publishes the current WageNet IP blocklist. The list is generated from WageNet threat detection and exported as a flat text file for easy consumption by firewalls, web servers, and other tooling.
## Whats in this repo
- `banned.txt`: newlineseparated IPv4 addresses to block. Comment lines start with `#` and may include a timestamp and count.
- `update.sh`: helper script that copies a source list into the repo, commits, and pushes updates.
- `LICENSE`: license for this repository (GPL3.0).
## File format
- Plain text, UTF8.
- Lines beginning with `#` are comments/metadata.
- Each noncomment line contains a single IPv4 address.
Example:
```
# WageNet IP Blocklist - Last Updated 2025-08-17 00:00:01
# 130 IPs.
172.0.0.1
10.10.2.38
...
```
## How updates happen
The blocklist is periodically generated by WageNet and published by committing a fresh `banned.txt`. The included `update.sh` script can be used to automate this from the system that produces the list.
Script defaults (override with flags):
- `-s`: source file path (default: `/var/www/html/banned.txt`)
- `-d`: git repository directory (default: `/git/repository`)
- `-f`: destination filename inside the repo (default: `banned.txt`)
Example usage:
```
./update.sh -s /var/www/html/banned.txt -d /git/repository -f banned.txt
```
To automate, add a cron entry on the generating host (example runs hourly):
```
0 * * * * /path/to/update.sh -s /var/www/html/banned.txt -d /git/repository -f banned.txt >/tmp/wagenet-update.log 2>&1
```
## Using the blocklist
- Ingest the file directly in your tooling (e.g., fail2ban, WAF, or custom scripts).
- Convert to firewall rules (iptables/nftables) with a simple wrapper that reads each line and applies a drop rule.
- For web servers (nginx/apache), generate `deny` directives from the list.
Note: Always validate the list for your environment and merge with any allowlists you maintain.
## Contributing
`banned.txt` is generated content. Please open issues or PRs for improvements to `update.sh`, documentation, or format clarifications rather than manual edits to the list.
## License
Distributed under the GPL3.0 license. See `LICENSE` for details.
Reference in a new issue View git blame Copy permalink