diff --git a/roles/common/files/abusers-ipv4.xml b/roles/common/files/abusers-ipv4.xml
new file mode 100644
index 0000000..c74992a
--- /dev/null
+++ b/roles/common/files/abusers-ipv4.xml
@@ -0,0 +1,463 @@
+
+
+
+ abusers-ipv4
+ A list of abusive IPv4 addresses.
+ 102.165.35.92
+ 103.208.220.122
+ 103.208.220.226
+ 103.91.210.33
+ 104.244.72.115
+ 104.244.72.221
+ 104.244.72.251
+ 104.244.77.49
+ 104.244.78.55
+ 104.244.79.222
+ 107.155.49.126
+ 112.85.42.171
+ 112.85.42.172
+ 112.85.42.173
+ 112.85.42.174
+ 112.85.42.175
+ 112.85.42.177
+ 112.85.42.178
+ 112.85.42.179
+ 112.85.42.180
+ 112.85.42.182
+ 119.146.223.134
+ 122.195.200.14
+ 122.195.200.148
+ 122.195.200.36
+ 128.14.136.158
+ 139.199.162.76
+ 139.199.170.159
+ 139.199.79.66
+ 144.217.164.104
+ 144.217.165.133
+ 144.217.166.26
+ 144.217.166.59
+ 144.217.255.89
+ 144.217.7.154
+ 144.217.90.68
+ 146.185.194.219
+ 149.202.170.60
+ 149.56.44.47
+ 153.36.236.35
+ 153.36.242.143
+ 157.157.87.22
+ 158.69.113.76
+ 158.69.192.200
+ 158.69.192.239
+ 158.69.193.32
+ 158.69.212.107
+ 158.69.217.248
+ 158.69.217.87
+ 158.69.63.54
+ 162.247.72.199
+ 162.247.73.192
+ 162.247.74.200
+ 162.247.74.201
+ 162.247.74.202
+ 162.247.74.204
+ 162.247.74.206
+ 162.247.74.213
+ 162.247.74.216
+ 162.247.74.217
+ 162.247.74.27
+ 162.247.74.7
+ 162.247.74.74
+ 163.172.106.114
+ 164.132.51.91
+ 166.70.207.2
+ 167.71.56.222
+ 169.197.112.102
+ 169.197.97.34
+ 171.25.193.20
+ 171.25.193.235
+ 171.25.193.25
+ 171.25.193.77
+ 171.25.193.78
+ 172.247.76.85
+ 172.96.118.14
+ 173.244.209.5
+ 175.126.163.116
+ 178.165.72.177
+ 18.18.248.17
+ 18.27.197.252
+ 183.131.82.99
+ 185.100.85.61
+ 185.100.87.206
+ 185.117.215.9
+ 185.127.25.192
+ 185.129.62.62
+ 185.130.44.108
+ 185.169.42.133
+ 185.216.32.170
+ 185.220.102.4
+ 185.220.102.6
+ 185.220.102.7
+ 185.220.102.8
+ 185.227.68.78
+ 185.246.128.25
+ 185.254.122.114
+ 185.34.33.2
+ 185.65.135.180
+ 185.83.214.121
+ 188.213.49.176
+ 188.214.104.146
+ 18.85.192.253
+ 188.92.75.248
+ 188.92.77.12
+ 188.92.77.235
+ 192.42.116.13
+ 192.42.116.14
+ 192.42.116.15
+ 192.42.116.16
+ 192.42.116.17
+ 192.42.116.18
+ 192.42.116.19
+ 192.42.116.20
+ 192.42.116.22
+ 192.42.116.23
+ 192.42.116.24
+ 192.42.116.25
+ 192.42.116.26
+ 192.42.116.27
+ 192.42.116.28
+ 193.110.157.151
+ 193.169.255.102
+ 193.171.202.150
+ 193.201.224.216
+ 193.201.224.218
+ 193.201.224.232
+ 193.32.163.182
+ 193.32.163.89
+ 193.90.12.115
+ 193.9.114.139
+ 193.9.115.24
+ 194.187.249.57
+ 195.206.105.217
+ 198.100.148.114
+ 198.96.155.3
+ 198.98.50.112
+ 198.98.52.143
+ 198.98.57.155
+ 199.195.251.84
+ 199.87.154.255
+ 204.17.56.42
+ 204.8.156.142
+ 205.185.117.149
+ 205.185.127.219
+ 207.244.70.35
+ 209.141.34.95
+ 209.141.41.103
+ 209.141.51.150
+ 209.141.58.114
+ 209.95.51.11
+ 212.21.66.6
+ 213.61.215.54
+ 216.218.134.12
+ 216.239.90.19
+ 217.115.10.132
+ 217.170.197.83
+ 217.170.197.89
+ 218.92.0.131
+ 218.92.0.132
+ 218.92.0.133
+ 218.92.0.134
+ 218.92.0.135
+ 218.92.0.137
+ 218.92.0.138
+ 218.92.0.139
+ 218.92.0.141
+ 218.92.0.143
+ 218.92.0.144
+ 218.92.0.145
+ 218.92.0.146
+ 218.92.0.147
+ 218.92.0.154
+ 218.92.0.155
+ 218.92.0.156
+ 218.92.0.157
+ 218.92.0.158
+ 218.92.0.160
+ 218.92.0.161
+ 218.92.0.163
+ 218.92.0.167
+ 218.92.0.168
+ 218.92.0.170
+ 218.92.0.171
+ 218.92.0.172
+ 218.92.0.173
+ 218.92.0.174
+ 218.92.0.175
+ 218.92.0.178
+ 218.92.0.180
+ 218.92.0.181
+ 218.92.0.182
+ 218.92.0.184
+ 218.92.0.185
+ 218.92.0.186
+ 218.92.0.187
+ 218.92.0.188
+ 218.92.0.190
+ 218.92.0.193
+ 218.92.0.204
+ 218.92.0.210
+ 218.92.0.212
+ 218.98.26.162
+ 218.98.26.163
+ 218.98.26.164
+ 218.98.26.165
+ 218.98.26.166
+ 218.98.26.167
+ 218.98.26.168
+ 218.98.26.169
+ 218.98.26.170
+ 218.98.26.171
+ 218.98.26.172
+ 218.98.26.174
+ 218.98.26.175
+ 218.98.26.177
+ 218.98.26.178
+ 218.98.26.180
+ 218.98.26.182
+ 218.98.26.183
+ 218.98.26.184
+ 218.98.40.131
+ 218.98.40.132
+ 218.98.40.134
+ 218.98.40.136
+ 218.98.40.137
+ 218.98.40.138
+ 218.98.40.140
+ 218.98.40.141
+ 218.98.40.142
+ 218.98.40.143
+ 218.98.40.144
+ 218.98.40.145
+ 218.98.40.146
+ 218.98.40.147
+ 218.98.40.148
+ 218.98.40.150
+ 218.98.40.151
+ 218.98.40.152
+ 218.98.40.154
+ 222.186.10.47
+ 222.186.15.101
+ 222.186.15.110
+ 222.186.15.160
+ 222.186.15.197
+ 222.186.15.204
+ 222.186.15.217
+ 222.186.15.28
+ 222.186.15.33
+ 222.186.15.65
+ 222.186.169.192
+ 222.186.169.194
+ 222.186.173.119
+ 222.186.173.142
+ 222.186.173.154
+ 222.186.173.180
+ 222.186.173.183
+ 222.186.173.201
+ 222.186.173.215
+ 222.186.173.238
+ 222.186.175.140
+ 222.186.175.147
+ 222.186.175.148
+ 222.186.175.150
+ 222.186.175.151
+ 222.186.175.154
+ 222.186.175.155
+ 222.186.175.161
+ 222.186.175.163
+ 222.186.175.167
+ 222.186.175.169
+ 222.186.175.182
+ 222.186.175.183
+ 222.186.175.202
+ 222.186.175.212
+ 222.186.175.215
+ 222.186.175.216
+ 222.186.175.217
+ 222.186.175.220
+ 222.186.175.6
+ 222.186.175.8
+ 222.186.180.147
+ 222.186.180.17
+ 222.186.180.19
+ 222.186.180.20
+ 222.186.180.21
+ 222.186.180.223
+ 222.186.180.41
+ 222.186.180.6
+ 222.186.180.8
+ 222.186.180.9
+ 222.186.190.17
+ 222.186.190.2
+ 222.186.190.65
+ 222.186.190.92
+ 222.186.30.111
+ 222.186.30.152
+ 222.186.30.165
+ 222.186.31.136
+ 222.186.31.144
+ 222.186.31.145
+ 222.186.3.179
+ 222.186.42.117
+ 222.186.42.15
+ 222.186.42.163
+ 222.186.42.241
+ 222.186.42.4
+ 222.186.42.94
+ 222.186.52.107
+ 222.186.52.123
+ 222.186.52.124
+ 222.186.52.155
+ 222.186.52.78
+ 222.186.52.89
+ 23.129.64.100
+ 23.129.64.150
+ 23.129.64.151
+ 23.129.64.152
+ 23.129.64.153
+ 23.129.64.154
+ 23.129.64.155
+ 23.129.64.156
+ 23.129.64.157
+ 23.129.64.158
+ 23.129.64.159
+ 23.129.64.160
+ 23.129.64.161
+ 23.129.64.162
+ 23.129.64.163
+ 23.129.64.165
+ 23.129.64.166
+ 23.129.64.167
+ 23.129.64.168
+ 23.129.64.169
+ 23.129.64.170
+ 23.129.64.180
+ 23.129.64.181
+ 23.129.64.182
+ 23.129.64.183
+ 23.129.64.184
+ 23.129.64.185
+ 23.129.64.186
+ 23.129.64.187
+ 23.129.64.188
+ 23.129.64.189
+ 23.129.64.190
+ 23.129.64.191
+ 23.129.64.192
+ 23.129.64.193
+ 23.129.64.194
+ 23.129.64.195
+ 23.129.64.196
+ 23.129.64.200
+ 23.129.64.201
+ 23.129.64.202
+ 23.129.64.203
+ 23.129.64.204
+ 23.129.64.205
+ 23.129.64.206
+ 23.129.64.207
+ 23.129.64.208
+ 23.129.64.209
+ 23.129.64.210
+ 23.129.64.211
+ 23.129.64.212
+ 23.129.64.213
+ 23.129.64.214
+ 23.129.64.215
+ 23.129.64.216
+ 23.133.240.6
+ 31.185.104.21
+ 35.0.127.52
+ 36.156.24.43
+ 36.156.24.78
+ 36.156.24.79
+ 37.220.36.240
+ 37.28.154.68
+ 37.46.114.5
+ 46.182.106.190
+ 46.29.248.238
+ 49.88.112.111
+ 49.88.112.115
+ 49.88.112.116
+ 49.88.112.117
+ 49.88.112.54
+ 49.88.112.55
+ 49.88.112.57
+ 49.88.112.62
+ 49.88.112.63
+ 49.88.112.64
+ 49.88.112.66
+ 49.88.112.67
+ 49.88.112.71
+ 49.88.112.76
+ 49.88.112.77
+ 49.88.112.78
+ 49.88.112.80
+ 49.88.112.85
+ 49.88.112.90
+ 50.99.193.144
+ 51.15.1.221
+ 51.15.3.205
+ 51.15.76.60
+ 51.158.184.28
+ 51.38.150.104
+ 51.38.150.105
+ 51.38.150.109
+ 51.75.21.57
+ 51.77.193.218
+ 51.77.52.216
+ 51.83.76.139
+ 5.199.130.188
+ 54.36.108.162
+ 54.36.189.105
+ 54.37.157.229
+ 54.37.234.66
+ 54.39.148.232
+ 54.39.148.233
+ 54.39.148.234
+ 54.39.151.167
+ 58.218.213.128
+ 62.102.148.68
+ 62.102.148.69
+ 62.210.105.116
+ 62.210.140.24
+ 62.210.37.15
+ 62.210.37.82
+ 62.210.99.162
+ 64.113.32.29
+ 77.120.113.64
+ 77.247.181.162
+ 77.247.181.163
+ 77.247.181.165
+ 78.130.128.106
+ 79.134.234.247
+ 79.137.79.167
+ 80.67.172.162
+ 82.221.128.191
+ 82.221.131.102
+ 82.221.131.5
+ 82.221.131.71
+ 87.120.254.98
+ 87.120.36.157
+ 89.234.157.254
+ 89.41.173.191
+ 91.250.242.12
+ 91.92.109.43
+ 92.222.127.232
+ 92.62.139.103
+ 92.63.194.26
+ 92.63.194.47
+ 93.115.241.194
+ 94.100.6.27
+ 94.102.51.78
+ 95.128.43.164
+ 95.130.9.90
+ 95.142.161.63
+
diff --git a/roles/common/files/abusers-ipv6.xml b/roles/common/files/abusers-ipv6.xml
new file mode 100644
index 0000000..3c4c766
--- /dev/null
+++ b/roles/common/files/abusers-ipv6.xml
@@ -0,0 +1,7 @@
+
+
+
+ abusers-ipv4
+ A list of abusive IPv6 addresses.
+ 2a03:2880:11ff:10::face:b00c
+
diff --git a/roles/common/tasks/firewall_Debian.yml b/roles/common/tasks/firewall_Debian.yml
index bab1664..477c787 100644
--- a/roles/common/tasks/firewall_Debian.yml
+++ b/roles/common/tasks/firewall_Debian.yml
@@ -21,6 +21,15 @@
command: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
notify:
- reload firewalld
+
+ - name: Copy ipsets of abusive IPs
+ when: ansible_distribution_major_version is version_compare('8', '>=')
+ copy: src={{ item }} dest=/etc/firewalld/ipsets/{{ item }} owner=root group=root mode=0600
+ loop:
+ - abusers-ipv4.xml
+ - abusers-ipv6.xml
+ notify:
+ - reload firewalld
tags: firewall
# vim: set sw=2 ts=2:
diff --git a/roles/common/tasks/firewall_Ubuntu.yml b/roles/common/tasks/firewall_Ubuntu.yml
index 9394493..22216d5 100644
--- a/roles/common/tasks/firewall_Ubuntu.yml
+++ b/roles/common/tasks/firewall_Ubuntu.yml
@@ -17,6 +17,15 @@
command: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
notify:
- reload firewalld
+
+ - name: Copy ipsets of abusive IPs
+ when: ansible_distribution_major_version is version_compare('15.04', '>=')
+ copy: src={{ item }} dest=/etc/firewalld/ipsets/{{ item }} owner=root group=root mode=0600
+ loop:
+ - abusers-ipv4.xml
+ - abusers-ipv6.xml
+ notify:
+ - reload firewalld
tags: firewall
# vim: set sw=2 ts=2: