From 0b3265d75c45066d3c14ac67e624607a61d20039 Mon Sep 17 00:00:00 2001 From: staticsafe Date: Wed, 17 Mar 2021 09:55:52 -0400 Subject: [PATCH] add a new IP into deirdre and erlking ipsets remove waldo ipsets and rules --- .../files/waldo.asininetech.net.rules.v4 | 22 ----------- .../files/waldo.asininetech.net.rules.v6 | 30 --------------- .../files/deirdre.asininetech.net.ipset | 2 + .../files/erlking.asininetech.net.ipset | 2 + .../files/waldo.asininetech.net.ipset | 37 ------------------- 5 files changed, 4 insertions(+), 89 deletions(-) delete mode 100644 ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v4 delete mode 100644 ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v6 delete mode 100644 ubuntu/roles/ipset-deploy/files/waldo.asininetech.net.ipset diff --git a/ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v4 b/ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v4 deleted file mode 100644 index 781c4b2..0000000 --- a/ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v4 +++ /dev/null @@ -1,22 +0,0 @@ -*filter -:INPUT DROP -:FORWARD DROP -:OUTPUT DROP --A INPUT -m set --match-set nasties src -j DROP --A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT --A INPUT -i lo -j ACCEPT --A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT --A INPUT -p tcp -m tcp --dport 22 -j ACCEPT --A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT --A INPUT -p tcp -m tcp --dport 5665 -j ACCEPT --A INPUT -p tcp -m tcp --dport 4949 -j ACCEPT --A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT --A OUTPUT -o lo -j ACCEPT --A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT --A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT --A OUTPUT -p udp -m udp --dport 53 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 587 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 5665 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT -COMMIT diff --git a/ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v6 b/ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v6 deleted file mode 100644 index e254ea1..0000000 --- a/ubuntu/roles/firewall-ruleset-deploy/files/waldo.asininetech.net.rules.v6 +++ /dev/null @@ -1,30 +0,0 @@ -*filter -:INPUT DROP -:FORWARD DROP -:OUTPUT DROP -:icmp_in - --A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT --A INPUT -i lo -j ACCEPT --A INPUT -p tcp -m tcp --dport 22 -j ACCEPT --A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT --A INPUT -p tcp -m tcp --dport 5665 -j ACCEPT --A INPUT -p tcp -m tcp --dport 4949 -j ACCEPT --A INPUT -p ipv6-icmp -j icmp_in --A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT --A OUTPUT -o lo -j ACCEPT --A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT --A OUTPUT -p udp -m udp --dport 53 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 587 -j ACCEPT --A OUTPUT -p ipv6-icmp -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 5665 -j ACCEPT --A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 134 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 136 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 1 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 3 -j ACCEPT --A icmp_in -p ipv6-icmp -m icmp6 --icmpv6-type 4 -j ACCEPT -COMMIT diff --git a/ubuntu/roles/ipset-deploy/files/deirdre.asininetech.net.ipset b/ubuntu/roles/ipset-deploy/files/deirdre.asininetech.net.ipset index ee41b33..2eea559 100644 --- a/ubuntu/roles/ipset-deploy/files/deirdre.asininetech.net.ipset +++ b/ubuntu/roles/ipset-deploy/files/deirdre.asininetech.net.ipset @@ -39,3 +39,5 @@ add nasties 216.18.204.0/24 add nasties 173.231.59.0/24 # Unknown crawler, no user agent, doesn't actually respect robots.txt add nasties 217.160.142.105/32 +# MegaIndex.ru Crawler +add nasties 176.9.41.28/32 diff --git a/ubuntu/roles/ipset-deploy/files/erlking.asininetech.net.ipset b/ubuntu/roles/ipset-deploy/files/erlking.asininetech.net.ipset index 997242e..bc8410b 100644 --- a/ubuntu/roles/ipset-deploy/files/erlking.asininetech.net.ipset +++ b/ubuntu/roles/ipset-deploy/files/erlking.asininetech.net.ipset @@ -27,3 +27,5 @@ add nasties 216.18.204.0/24 add nasties 173.231.59.0/24 # Unknown crawler, no user agent, doesn't actually respect robots.txt add nasties 217.160.142.105/32 +# MegaIndex.ru Crawler +add nasties 176.9.41.28/32 diff --git a/ubuntu/roles/ipset-deploy/files/waldo.asininetech.net.ipset b/ubuntu/roles/ipset-deploy/files/waldo.asininetech.net.ipset deleted file mode 100644 index 8ef787c..0000000 --- a/ubuntu/roles/ipset-deploy/files/waldo.asininetech.net.ipset +++ /dev/null @@ -1,37 +0,0 @@ -create nasties hash:net family inet hashsize 1024 maxelem 65536 -# domaincrawler.com aggressive crawler/bot -add nasties 185.6.8.3/32 -add nasties 185.6.8.7/32 -# infegy data collection -add nasties 173.244.135.0/24 -# 1776 Solutions, kiwifarms -add nasties 103.114.191.0/24 -# Bytespider crawler, aggressive -add nasties 110.240.0.0/12 -add nasties 111.224.0.0/14 -add nasties 220.243.128.0/20 -# Seekport Crawler, aggressive -add nasties 95.216.172.167/32 -# SearchAtlas.com SEO Crawler, doesn't respect robots.txt -add nasties 147.75.106.146/32 -# AlkonavtNetwork, Russian spam account creation source -add nasties 5.188.210.0/24 -# moz.com SEO crawler -add nasties 216.244.66.229/32 -# Aspiegel (Huawei) bot range -add nasties 114.119.160.0/21 -add nasties 114.119.128.0/19 -# Centurybot -add nasties 64.62.202.73/32 -# Pimeyes.com crawler -add nasties 116.202.237.211/32 -add nasties 116.202.234.96/32 -add nasties 95.217.119.94/32 -add nasties 116.202.228.159/32 -# Local timeline crawler on Comcast residential -add nasties 75.64.236.168/32 -# Adsbot -add nasties 216.18.204.0/24 -add nasties 173.231.59.0/24 -# Unknown crawler, no user agent, doesn't actually respect robots.txt -add nasties 217.160.142.105/32