Sysadmin Garden of Eden Docs

Version 1337.42.0

Cloudflare

Create IPv4 and IPv6 IPSets

1
2
3
4
ipset create cf4 hash:net family inet
ipset create cf6 hash:net family inet6
for ip in $(curl https://www.cloudflare.com/ips-v4); do ipset add cf4 "$ip"; done
for ip in $(curl https://www.cloudflare.com/ips-v6); do ipset add cf6 "$ip"done

Block http and https Access using the IPSets

1
2
iptables -A INPUT -m set --match-set cf4 src -p tcp -m multiport --dports http,https -m state --state NEW -j ACCEPT
ip6tables -A INPUT -m set --match-set cf6 src -p tcp -m multiport --dports http,https -m state --state NEW -j ACCEPT
Last updated on 31 Jan 2020
Published on 31 Jan 2020
Edit on GitHub