Skip to content

Installing update ipsets

Jump to bottom Edit New page
Costa Tsaousis edited this page Nov 10, 2015 · 33 revisions

update-ipsets is part of FireHOL.

You can use update-ipsets without FireHOL. update-ipsets will does not depend on it. You have to install it to your computer though.

update-ipsets is a new member of the FireHOL suite. It has not been released yet. So, even if you already use FireHOL, you have to download the latest development version of it to have update-ipsets.

The following procedure installs FireHOL to your computer.

Install update-ipsets (and FireHOL)

The FireHOL repo includes update-ipsets.

This is a quick guide to install it:

# cd somewhere
cd /tmp

# download FireHOL source from github
git clone https://github.com/firehol/firehol.git firehol.git

# cd to it:
cd firehol.git

# prepare autoconf:
./autogen.sh

# make sure autogen.sh completes successfully

# run configure for building it:
./configure --prefix=/usr --disable-man --disable-doc

# make sure configure completes successfully
# (of course you can omit --disable-man and --disable-doc
# though, man and doc generation have a few more package dependencies)

# build it (-O3 is for best performance)
make CFLAGS="-O3"

# make sure it completes successfully.

# install it
sudo make install

# make sure it completes successfully.

The above installs the development version of FireHOL on your computer, which includes the latest update-ipsets.

To run it, use something like this:

# enable an ip list
update-ipsets enable dshield

# update all enabled lists
update-ipsets

Keep in mind update-ipsets supports running as both root and any normal user.

Check Downloading IP Lists to learn how to use it.

Install update-ipsets (without autoconf)

If you don't want to install the development version of FireHOL, you can follow this procedure:

# cd to your home
cd

# download firehol
git clone https://github.com/firehol/firehol.git firehol.git

# cd to sbin directory in firehol
cd firehol.git/sbin

# compile iprange by hand
make -o iprange -O3 -pthread iprange.c

# install iprange to your system
sudo cp iprange /usr/bin/

# install update-ipsets to your system
sudo cp update-ipsets.in /usr/sbin/update-ipsets

You have now installed iprange and update-ipsets without FireHOL.

Add a custom footer
Add a custom sidebar
Clone this wiki locally