search

poddmo / ufw-blocklist

IP blocklist extension for Ubuntu ufw
GNU General Public License v3.0
88 stars 13 forks source link

How check if it works. Dont see any blocks #13

Closed hobbycharken closed 3 months ago

hobbycharken commented 3 months ago

Ubuntu 22.04 Iredmail installed

Get this status

ame: ufw-blocklist-ipsum Type: hash:net Revision: 7 Header: family inet hashsize 4096 maxelem 65536 bucketsize 12 initval 0x82b0c944 Size in memory: 328848 References: 3 Number of entries: 11694 2140 115216 ufw-blocklist-input all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum src 0 0 ufw-blocklist-forward all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum dst 0 0 ufw-blocklist-output all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum dst May 28 11:09:35 mail.mxmail.pro sudo[26899]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/usr/sbin/ipset list ufw-blocklist-ipsum -terse May 28 11:09:49 mail.mxmail.pro sudo[26928]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/usr/sbin/ipset list ufw-blocklist-ipsum -terse May 28 11:11:04 mail.mxmail.pro sudo[26971]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/etc/ufw/after.init status May 28 11:11:24 mail.mxmail.pro sudo[26983]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/etc/ufw/after.init status May 28 11:12:49 mail.mxmail.pro sudo[27049]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/etc/ufw/after.init status May 28 11:14:13 mail.mxmail.pro sudo[27114]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/etc/ufw/after.init status May 28 11:28:16 mail.mxmail.pro sudo[27524]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/etc/ufw/after.init status May 28 13:00:00 mail.mxmail.pro sudo[30231]: root : TTY=pts/0 ; PWD=/root/ufw-blocklist ; USER=root ; COMMAND=/etc/ufw/after.init status May 29 06:54:31 mail.mxmail.pro ufw-blocklist-ipsum[61853]: starting update of ufw-blocklist-ipsum with 4714 entries from https://raw.githubusercontent.com/stamparm/ipsum/master/levels/3.txt May 29 06:55:15 mail.mxmail.pro ufw-blocklist-ipsum[73607]: finished updating ufw-blocklist-ipsum. Old entry count: 4714 New count: 11694 of 11694

poddmo commented 3 months ago

It is working: 2140 packets blocked so far. That can be seen in the line quoted below. I've added column headers to make it clearer.

pkts bytes target prot opt in out source destination set-options

2140 115216 ufw-blocklist-input all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum src

poddmo commented 3 months ago

You can check it directly with this command:

root@router:~# iptables -L -nvx | grep ufw-blocklist-ipsum 421418 24386377 ufw-blocklist-input all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum src 458 38171 ufw-blocklist-forward all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum dst 28 2417 ufw-blocklist-output all -- 0.0.0.0/0 0.0.0.0/0 match-set ufw-blocklist-ipsum dst

hobbycharken commented 3 months ago

Thanks a lot!