How to add a malware DNS file to an OpenVPN server via iptables?

I assume I can regularly download a file of current malware DNS numbers?

If so, if I add these addresses to my Linode iptables, will this list also serve to block malware sites that might be accessed by OpenVPN clients using my Linode OpenVPN server?

Or, is there another way to add such updated malware lists?

I do regularly update lists from https://lists.blocklist.de/lists/all.txt into my fail2ban scripts, so I thought this might be a good way of also protecting openvpn clients.

3 Replies

Seems like it ought to be doable. Will just mention that it may be worth looking into ipset (http://ipset.netfilter.org/) to handle the list of IPs, then reference that ipset in an iptables rule.

I've used ipset for quite a while, but not to update blacklists. I've been using the code on https://gist.github.com/klepsydra/ecf975984b32b1c8291a for the past year. I tried the alternative code by d–j using ipset suggested on that page, but it never has worked properly.

This does not seem to work. I picked a few IPs that are in my DROP list in my Linode iptables, e.g., iptables -w -L -v -n, and my clients that use my Linode OpenVPN server can still access those IPs in browsers.
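An added example of the ipset approach suggested in the first reply, written as a POSIX shell script; it is not code posted by anyone in this thread. It converts a one-address-per-line list such as https://lists.blocklist.de/lists/all.txt (the list named in the question) into an `ipset restore` script, drops malformed entries, refuses a suspiciously small download instead of replacing a good set with it, and swaps the fresh set in atomically. The set name `malware_v4`, the device `tun0`, the minimum-size threshold and the sample list are assumptions. One point worth checking when a DROP list seems to have no effect on VPN clients: traffic that clients send out through the server is routed, so it traverses the FORWARD chain, not INPUT. A DROP rule in INPUT only protects the server's own processes; the rule that affects clients is the one on FORWARD, which `iptables -L` (INPUT by default listing, but all chains are shown) and `iptables -L FORWARD -v -n` will show separately.

```sh
#!/bin/sh
# Added example, not code from the thread: load a one-IP-per-line blocklist into an
# ipset and match it from the FORWARD chain so OpenVPN clients' forwarded traffic is
# dropped as well. Set name, tun device, threshold and sample list are assumptions.

LIST_URL="https://lists.blocklist.de/lists/all.txt"   # the list named in the question
SETNAME="${SETNAME:-malware_v4}"                      # assumed set name
TUNDEV="${TUNDEV:-tun0}"                              # assumed OpenVPN device
MIN_ENTRIES="${MIN_ENTRIES:-100}"                     # assumed sanity threshold

# Constructed sample input (not a real feed): comments, blanks, IPv6 and bad
# entries are mixed in to show what the filter keeps and what it drops.
SAMPLE_LIST='# constructed sample, not real data
1.2.3.4
10.0.0.0/8

300.1.1.1
2001:db8::1
198.51.100.7   # trailing comment
192.0.2.1/33'

# stdin: blocklist; stdout: an `ipset restore` script that creates and fills $1.
# Only syntactically valid IPv4 addresses or prefixes survive the filter.
build_ipset_restore() {
    set_name="$1"
    printf 'create %s hash:net family inet -exist\n' "$set_name"
    sed -e 's/#.*$//' -e 's/[[:space:]]//g' |
        grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' |
        awk -v set="$set_name" '
            {
                split($0, parts, "/")
                n = split(parts[1], o, ".")
                ok = (n == 4)
                for (i = 1; i <= 4 && ok; i++) if (o[i] + 0 > 255) ok = 0
                if (ok && parts[2] != "" && parts[2] + 0 > 32) ok = 0
                if (ok) printf "add %s %s -exist\n", set, $0
            }'
}

# stdin: restore script; stdout: number of `add` lines. Used to refuse an empty
# or truncated download rather than replacing a good set with it.
count_entries() {
    grep -c '^add ' || true
}

# The rules that consult the set. Client traffic leaving through the server is
# FORWARDed, so a DROP in INPUT alone never sees it; INPUT only shields the host.
iptables_rules() {
    set_name="$1"; tun="$2"
    printf 'iptables -w -I FORWARD -i %s -m set --match-set %s dst -j DROP\n' "$tun" "$set_name"
    printf 'iptables -w -I INPUT -m set --match-set %s src -j DROP\n' "$set_name"
}

ensure_rule() {  # insert a rule only if an identical one is not already present
    chain="$1"; shift
    iptables -w -C "$chain" "$@" 2>/dev/null || iptables -w -I "$chain" "$@"
}

# Download, validate, build a fresh set under a temporary name, swap it in
# atomically. Needs root, curl, ipset and iptables; run as `sh thisscript.sh apply`
# (for example from cron) so the list is refreshed without a gap in coverage.
apply_blocklist() {
    raw=$(mktemp) && restore=$(mktemp) || return 1
    if ! curl -fsSL -o "$raw" "$LIST_URL"; then
        echo "download failed; keeping the current set" >&2
        rm -f "$raw" "$restore"; return 1
    fi
    build_ipset_restore "${SETNAME}_new" < "$raw" > "$restore"
    if [ "$(count_entries < "$restore")" -lt "$MIN_ENTRIES" ]; then
        echo "refusing to load a suspiciously small list" >&2
        rm -f "$raw" "$restore"; return 1
    fi
    ipset create "$SETNAME" hash:net family inet -exist
    ipset restore < "$restore" && ipset swap "${SETNAME}_new" "$SETNAME"
    ipset destroy "${SETNAME}_new"
    rm -f "$raw" "$restore"
    ensure_rule FORWARD -i "$TUNDEV" -m set --match-set "$SETNAME" dst -j DROP
    ensure_rule INPUT -m set --match-set "$SETNAME" src -j DROP
}

case "${1:-demo}" in
    apply) apply_blocklist ;;
    *)     printf '%s\n' "$SAMPLE_LIST" | build_ipset_restore "$SETNAME"
           iptables_rules "$SETNAME" "$TUNDEV" ;;
esac
```

Run without arguments it only prints the restore script built from the constructed sample plus the two rules it would install; `apply` does the real download and swap. With `hash:net` the same set holds both single addresses and CIDR prefixes, and `ipset swap` replaces the contents the running rules see in one step, so there is never a moment with an empty list loaded.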
