Suggestions for blocklist

I have read about the plans for an IPFire interface for DNS blocklists.

In the meantime, I have been looking to add some IP blocklists.

Is anyone familiar with these blocklists?

This is an Adserver blocklist:

https://pgl.yoyo.org/as/iplist.php?format=&showintro=0
Info: https://pgl.yoyo.org/

This is a P2P blocklist

https://raw.githubusercontent.com/Naunter/BT_BlockLists/master/list_1.txt

Info: https://github.com/Naunter/BT_BlockLists

This is a threat intelligence feed

https://www.binarydefense.com/banlist.txt

Info: https://www.binarydefense.com/

@jon is working on a framework for so called RPZ lists.
These use the RPZ (Response Policy Zone) mechanism of unbound. This means a direct DNS blocking with internal updates of the lists using the SOA definition.

A good introduction is https://jpgpi250.github.io/piholemanual/doc/Unbound%20response%20policy%20zones.pdf for example.

I am not familiar with any of them but a quick search resulted in the following thoughts.

The licence for this is not a standard Open Source one.
Basically it says that if you use the list you must not be making any money, so it sounds like it would be a no-no for businesses.

This list was last updated in July 2022 and that was the first and last release of the blocklist. So it would depend if you think that a P2P blocklist only ever needs to be created once and will apply the same after that.

I could not find out any date for the list that is provided and the banlist.txt is not mentioned anywhere on the website.

This was a problem with the Alienvault ipblocklist, which was still available for download but had not been updated for at least 2 years, and maybe much longer, so it was removed from the IPFire IPBlocklist in CU186.

Really the people providing these ip block lists should put a date of generation at the top of the list so it can be easily found out if the list has become dead or orphaned.

3 Likes

This is an argument for the RPZ approach. The lists include a SOA record, with creation date and update period.

Hi all,

I also like and use the IP lists from Firehol → https://iplists.firehol.org where you can get the original source, maps, evolution, histories of added and removed IPs and usable charts, but also update cycles.

Best,

Erik

This is another approach. These IP lists are implemented in the firewall.
The thread opener asked about DNS blocklists.

IP lists block the access to malicious IPs.
DNS lists deny the name resolution of ‘bad’ web sites. This also catches FQDNs with very frequently changing IPs.

Thank you for the useful feedback

Could you link the exact words? I think the author was just joking around with the license, but the way I understood it is that no one is allowed to distribute the list for money or threaten to sue users if they don’t pay. But I would be interested to see if you found something different.

Jun 28, 2024

I am looking at the history of commits on the Github page and I see

Jun 28, 2024

I could be wrong, but could you let me know where you see last updated in July 2022?

I agree, there was no timestamp, but I still wanted to hear some feedback and you are right the author should include a header with timestamp.

There are not that many freely available quality lists anymore.

I could agree that RPZ is a more modern approach, but I understand the amount of effort it would take to implement it in IPFire.

I’m ok using IP blocklists, without FQDN.

Thank you. That is a nice compilation of lists.
Could you mention which particular lists you find useful?

@erik I really like the firehol website

For example their tracking feature of my lists in question looks amazing:

The link is https://pgl.yoyo.org/license/

It may well be the same place you looked.

It does have a jokey element to it but for a business I would think it makes it a bit difficult when a license is jokey.

Anyway, you can make your own decision on it.

Today I see two commits. One on June 28th 2024 and one on June 29th 2024. When I looked originally neither were there. The only thing was the release itself which has a date of Jul 2022.
https://github.com/Naunter/BT_BlockLists/releases/tag/v.1

In the title of that page it says

· 2 commits to master since this release

These are the two commits from 28th and 29th June 2024 which are the first updates to my understanding since the list was originally released.

1 Like

Hi all,

Sorry Bernhard, but this is not another approach whatsoever but a simple addition of IP lists, which the thread opener is looking for, and my own interests and investigations.
Also, where are those lists → git.ipfire.org Git - ipfire-2.x.git/blob - config/ipblocklist/sources compared to this → GitHub - firehol/blocklist-ipsets: ipsets dynamically updated with firehol's update-ipsets.sh script findable? Even if there are a few integrated, firehol's list is much more extensive.
And another one: the thread opener does not ask for DNS blocklists, he asks for knowledge of his investigated lists and as far as I can see, these are IP lists.

I sorted out lists (30 to 40) from there which are useful for my environment in my opinion and run them with my own script in combination with firehol's update-ipsets.sh, even though I also use IPBlocklists from IPFire, which may include some doubles; that is not a problem at all since IPSet is the tool that handles them for both.
The work of Costa Tsaousis (ktsaou → https://www.ipfire.org/docs/configuration/firewall/ipset/ipset_for_ipfire__forum.ipfire.pdf), who was also a guest in the old IPFire forum and tried to help out at that time (thanks again to him), and of the whole community is great in my opinion, and I currently do not know a platform which is as open, clear and detailed as it is there.

Best,

Erik

1 Like

@ummeegge, sorry, I’ve not read very intensively. :frowning:

@trish has read about DNS blocklists but wants to use IP blocklists meanwhile.
So I’m out of technical discussion. :wink:

1 Like

ok got it, so even if the license is not enforceable, businesses can’t use it.

Now I understand :blush:

Another Blocklist that I just stumbled upon is the Zonefiles Compromised IP list

I checked 2-3 random IPs and the list appears to be unique :+1:

Suspicious, malware, phishing and ransom IP tracker

494,263 IPs in this list

The one I would recommend is the Currently active list with only 22,514

https://zonefiles.io/f/compromised/ip/live/compromised_ip_live.txt

The list downloads just fine but for an unknown reason I am getting an error:

Could not download blocklist - A download error occured.

Is there something odd that IPFire can’t read the list?

This is the format of the IP blocklist:

# Compromised IPs (live list). Downloaded from Zonefiles.io
103.19.89.118
103.230.84.239
103.26.128.84
103.4.52.150
103.7.59.135
109.127.8.242
109.229.210.250
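
One way to sanity-check a plain one-entry-per-line IP list in the format shown above before it is loaded into a firewall set, as an added example that is not part of the original post and not IPFire's own code. The function name `check_blocklist`, the protected-range policy and the sample lines are assumptions made for illustration.

```python
import ipaddress

# Ranges that should never reach a firewall block set (policy assumed for this
# example): blocking them can cut off the LAN or the firewall itself.
PROTECTED = [ipaddress.IPv4Network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4")]

def check_blocklist(text):
    """Return (networks, problems) for a one-entry-per-line IPv4 list."""
    networks, problems, seen = [], [], set()
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()      # drop comments, whitespace
        if not entry:
            continue
        try:
            net = ipaddress.IPv4Network(entry, strict=False)
        except ValueError:
            problems.append((lineno, entry, "not an IPv4 address or CIDR"))
            continue
        if any(net.overlaps(p) for p in PROTECTED):
            problems.append((lineno, entry, "overlaps a protected range"))
        elif net in seen:
            problems.append((lineno, entry, "duplicate"))
        else:
            seen.add(net)
            networks.append(net)
    return networks, problems

# Constructed sample (documentation-range addresses), not data from any feed.
SAMPLE = """\
# Constructed sample list
203.0.113.7
198.51.100.0/24
203.0.113.7
192.168.1.1
<html><body>403 Forbidden</body></html>
10.0.0.0/8   # trailing comment
"""

if __name__ == "__main__":
    nets, probs = check_blocklist(SAMPLE)
    print(f"{len(nets)} usable entries, {len(probs)} problems")
    for lineno, entry, reason in probs:
        print(f"  line {lineno}: {entry!r}: {reason}")
```

Lines that are not addresses at all, such as an HTML error page saved in place of the list, show up in `problems` with their line number, which separates a malformed file from a transport failure.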