###############################################################################
# Copyright 2006-2015, Way to the Web Limited
# URL: https://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# This file contains definitions to IP BLOCK lists.
#
# Uncomment the line starting with the rule name to use it, then restart csf
# and then lfd
#
# Each block list must be listed on per line: as NAME|INTERVAL|MAX|URL
#   NAME    : List name with all uppercase alphabetic characters with no
#             spaces and a maximum of 9 characters - this will be used as the
#             iptables chain name
#   INTERVAL: Refresh interval to download the list, must be a minimum of 3600
#             seconds (an hour), but 86400 (a day) should be more than enough
#   MAX     : This is the maximum number of IP addresses to use from the list,
#             a value of 0 means all IPs
#   URL     : The URL to download the list from
#
# Note: Some of thsese lists are very long (thousands of IP addresses) and
# could cause serious network and/or performance issues, so setting a value for
# the MAX field should be considered
#
# After making any changes to this file you must restart csf and then lfd
#
# If you want to redownload a blocklist you must first delete
# /var/lib/csf/csf.block.NAME and then restart csf and then lfd
#
# Each URL is scanned for an IPv4/CIDR address per line and if found is blocked

# Spamhaus Don't Route Or Peer List (DROP)
# Details: https://www.spamhaus.org/drop/
SPAMDROP|86400|0|https://www.spamhaus.org/drop/drop.lasso

# Spamhaus Extended DROP List (EDROP)
# Details: https://www.spamhaus.org/drop/
SPAMEDROP|86400|0|https://www.spamhaus.org/drop/edrop.lasso

# DShield.org Recommended Block List
# Details: https://dshield.org
DSHIELD|86400|0|https://www.dshield.org/block.txt

# TOR Exit Nodes List
# Set URLGET in csf.conf to use LWP as this list uses an SSL connection
# Details: https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList
#TOR|86400|0|https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.2.3.4

# Alternative TOR Exit Nodes List
# Details: https://torstatus.blutmagie.de/
#ALTTOR|86400|0|https://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv

# BOGON list
# Details: https://www.team-cymru.org/Services/Bogons/
BOGON|86400|0|https://www.cymru.com/Documents/bogon-bn-agg.txt

# Project Honey Pot Directory of Dictionary Attacker IPs
# Details: https://www.projecthoneypot.org
HONEYPOT|86400|0|https://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1

# C.I. Army Malicious IP List
# Details: https://www.ciarmy.com
#CIARMY|86400|0|https://www.ciarmy.com/list/ci-badguys.txt

# BruteForceBlocker IP List
# Details: https://danger.rulez.sk/index.php/bruteforceblocker/
BFB|86400|0|http://danger.rulez.sk/projects/bruteforceblocker/blist.php

# Set URLGET in csf.conf to use LWP as this list uses an SSL connection

# MaxMind GeoIP Anonymous Proxies
# Set URLGET in csf.conf to use LWP as this list uses an SSL connection
# Details: https://www.maxmind.com/en/anonymous_proxies
MAXMIND|86400|0|https://www.maxmind.com/en/anonymous_proxies

# Blocklist.de
# Set URLGET in csf.conf to use LWP as this list uses an SSL connection
# Details: https://www.blocklist.de
# This first list only retrieves the IP addresses added in the last hour
#BDE|3600|0|https://api.blocklist.de/getlast.php?time=3600
# This second list retrieves all the IP addresses added in the last 48 hours
# and is usually a very large list (over 10000 entries), so be sure that you
# have the resources available to use it
BDEALL|86400|0|https://lists.blocklist.de/lists/all.txt

# CRYPTOPHP - known ips for domain controllers
CRYPTOPHP|86400|0|https://club3d.ro/crypto-php-ips.txt

# Wordpress Pingback Attack
#WORDPRESSXMLRPC|1800|0|https://club3d.ro/wordpress-xml.txt

# Email Spammers
EMAILSPAMMERS|300|0|https://club3d.ro/email-spammers.txt

# TOR IP Addresses
TOREXITNODES|1800|0|https://club3d.ro/ipuri-tor.txt

# Bad Bots (Crawlers)
BADBOTS|300|0|https://club3d.ro/badbots.txt

# Spamhaus IPv6 Don't Route Or Peer List (DROPv6)
# Details: https://www.spamhaus.org/drop/
#SPAMDROPV6|86400|0|https://www.spamhaus.org/drop/dropv6.txt

# Stop Forum Spam IPv6
# Details: https://www.stopforumspam.com/downloads/
# Many of the lists available contain a vast number of IP addresses so special
# care needs to be made when selecting from their lists
#STOPFORUMSPAMV6|86400|0|https://www.stopforumspam.com/downloads/listed_ip_1_ipv6.zip