wagesj45/wagenet-ip-ban-list
wagesj45/wagenet-ip-ban-list
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wagenet-ip-ban-list/README.md

78 lines
3.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# WageNet IP Ban List
A small repository that publishes the current WageNet IP blocklist. The list is generated from WageNet threat detection and exported as a flat text file for easy consumption by firewalls, web servers, and other tooling.
## Whats in this repo
- `banned.txt`: newlineseparated IPv4 addresses to block. Comment lines start with `#` and may include a timestamp and count.
- `update.sh`: helper script that copies a source list into the repo, commits, and pushes updates.
- `LICENSE`: license for this repository (GPL3.0).
## Ban List History
- History chart: `assets/banlist_history.svg`
- CSV data: `metrics/banlist_counts.csv`
![Ban list size over time](assets/banlist_history.svg)
## File format
- Plain text, UTF8.
- Lines beginning with `#` are comments/metadata.
- Each noncomment line contains a single IPv4 address.
Example:
```
# WageNet IP Blocklist - Last Updated 2025-08-17 00:00:01
# 130 IPs.
172.0.0.1
10.10.2.38
...
```
## How updates happen
The blocklist is periodically generated by WageNet and published by committing a fresh `banned.txt`. The included `update.sh` script can be used to automate this from the system that produces the list.
Script defaults (override with flags):
- `-s`: source file path (default: `/var/www/html/banned.txt`)
- `-d`: git repository directory (default: `/git/repository`)
- `-f`: destination filename inside the repo (default: `banned.txt`)
Example usage:
```bash
./update.sh -s /var/www/html/banned.txt -d /git/repository -f banned.txt
```
To automate, add a cron entry on the generating host (example runs hourly):
```bash
0 * * * * /path/to/update.sh -s /var/www/html/banned.txt -d /git/repository -f banned.txt >/tmp/wagenet-update.log 2>&1
```
## Using the blocklist
- Ingest the file directly in your tooling (e.g., fail2ban, WAF, or custom scripts).
- Convert to firewall rules (iptables/nftables) with a simple wrapper that reads each line and applies a drop rule.
- For web servers (nginx/apache), generate `deny` directives from the list.
You can use the link to the raw text file in this repository to directly reference it.
```
https://git.jordanwages.com/wagesj45/wagenet-ip-ban-list/raw/branch/main/banned.txt
```
Note: Always validate the list for your environment and merge with any allowlists you maintain.
### CIgenerated graph
This repository includes a workflow that scans git history to count the number of noncomment lines in `banned.txt` at each change and generates:
- A CSV at `metrics/banlist_counts.csv`
- A chart at `assets/banlist_history.svg` (embedded above)
The workflow runs on pushes to `main` that modify `banned.txt` and nightly on a schedule. Commits from the workflow are marked with `[skip ci]` to avoid loops.
## Appealing
If you feel your IP is in this list by mistake, please [file an issue](https://git.jordanwages.com/wagesj45/wagenet-ip-ban-list/issues) to appeal.
## Contributing
`banned.txt` is generated content. Please open issues or PRs for improvements to `update.sh`, documentation, or format clarifications rather than manual edits to the list.
## License
Distributed under the GPL3.0 license. See `LICENSE` for details.
Reference in a new issue View git blame Copy permalink