Skip to content

Instantly share code, notes, and snippets.

@jkullick
Last active November 5, 2024 10:40
Show Gist options
  • Save jkullick/62695266273608a968d0d7d03a2c4185 to your computer and use it in GitHub Desktop.
Save jkullick/62695266273608a968d0d7d03a2c4185 to your computer and use it in GitHub Desktop.
Block Tor Exit Nodes with IPTables
  1. Install ipset:
apt-get install ipset
  1. Create new ipset:
ipset create tor iphash
  1. Read Tor Exit Node List and add to ipset:
curl -sSL "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$(curl icanhazip.com)" | sed '/^#/d' | while read IP; do
  ipset -q -A tor $IP
done

Note: This should run as daily cronjob.

  1. Block ipset with iptables:
iptables -A INPUT -m set --match-set tor src -j DROP

Source

@zouppen
Copy link

zouppen commented Nov 10, 2022

I made a version with systemd timer and deployment instructions: https://gist.github.com/zouppen/bc005e0038860164714f0cdf376369b4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment