Blocklist - an easy way to add blocklists to your EdgeRouter.
This package (a binary, a configuration file, and a shell script) can be used to download blocklists based on country code and other arbitrary IP-based lists for use as filters on Ubiquiti EdgeRouters (and possibly other devices). Custom blocklist entries are supported, as are custom whitelist entries. CIDR ranges are aggregated during processing, reducing the complexity of the filter.
Important Note
This package modifies your router configuration. Do not use if you are not well-versed in building or installing software on your target hardware.
This package has only been tested on the EdgeRouter 4.
Requirements:
- Go 1.19 or later (
go version
to determine version)
Build and Installation:
- Clone the repo
- Create a
blocklist.yaml
configuration (use the example yaml for inspiration). Note themaxgroups
value - Examine the
runblocklist.sh
shell script and customize theNETSET
variable if desired (optional) - With the value of the
NETSET
variable, createmaxgroups
network groups (e.g,block1
throughblock4
) - On the router, create firewall rules that block sources from these network groups
- Build on a system with Go installed (for the EdgeRouter 4 architecture:
GOOS=linux GOARCH=mips go build
) - Copy
blocklist
,blocklist.yaml
,testip.sh
, andrunblocklist.sh
to your router (recommended: place in/config/blocklist
) - Test blocklist downloads by running
blocklist | wc -l
as root on the router and seeing how many entries would be created. - Test by running
runblocklist.sh
as root on the router - Create a cronjob to run periodically (optional)
Determining whether an IP address is blocked
Use the testip.sh
script to determine whether an IP address is in a blocklist:
testip.sh <ip address>