Installing update ipsets

update-ipsets is part of FireHOL.

You can use update-ipsets without FireHOL. update-ipsets does not depend on it. You have to install it to your computer though.

update-ipsets is a new member of the FireHOL suite. It is part of FireHOL v3+. You can also download the latest development version of it using the following procedure (which will also install the latest version of FireHOL to your computer).

---

Install update-ipsets (and FireHOL)

The FireHOL repo includes update-ipsets.

You need to have a basic build environment in place. You will need packages like git, make, gcc, autoconf, autogen, automake, pgk-config, curl, ipset, etc.

To install them in debian/ubuntu, you need to run:

apt-get install zlib1g-dev gcc make git autoconf autogen automake pkg-config curl ipset

This is a quick guide to install it:

# cd somewhere
cd /tmp

# download iprange and firehol from github
git clone https://github.com/firehol/iprange.git iprange.git
git clone https://github.com/firehol/firehol.git firehol.git

# install iprange
cd iprange.git

./autogen.sh
# make sure it completed successfully

./configure --prefix=/usr CFLAGS="-march=native -O3" --disable-man
# make sure it completed successfully

make
# make sure it completed successfully

sudo make install
# make sure it completed successfully

# install firehol
cd ../firehol.git

./autogen.sh
# make sure it completed successfully

./configure --prefix=/usr --sysconfdir=/etc --disable-man --disable-doc
# make sure it completed successfully

make
# make sure it completed successfully

sudo make install
# make sure it completed successfully

The above installs the development version of FireHOL on your computer, which includes the latest update-ipsets.

To run it, use something like this:

# enable an ip list
update-ipsets enable dshield

# update all enabled lists
update-ipsets

Keep in mind update-ipsets supports running as both root and any normal user.

Check Downloading IP Lists to learn how to use it.