Import Large File of Netblocks to an Alias

opnvalar:
Hi all,

Apologies if this has been covered before but I ran into a bit of hassle this morning trying to import a ridiculously large number of netblocks into an alias, for use in opnsense's firewall section.

I tried dragging the text file into the 'content' section of a new alias but could only ever add one netblock at a time and had to make sure I added a comma at the end of the latest entry. However I could not use this method to import thousands of netblocks.

This short guide is probably way too much faffing and over-complicated but I did manage to import around 3,250 separate netblocks into one alias; I have others with far fewer entries for which the manual single entry method wouldn't be too painful.

Nevertheless...

opnsense version: 20.7.7_1-amd64


1) On a Linux/BSD machine, upload the file which contains one netblock per line (as in my case) and run the following command against this file:

cat bad_ips.txt | tr '\n' ' ' > bad_ips_concat.txt


2) If your 'sed'-fu is better than mine (more than likely) then you can probably achieve this next step without the help of a text editor and use 'sed' instead.

Download your processed file, i.e. bad_ips_concat.txt, and use the find/replace function in a text editor to swap whitespace for \n

Note: Make sure there is no \n at the end of the file.

Save, then CTRL-A and CTRL-C the whole contents of this file.

3) In opnsense, navigate to Firewall and then Aliases. Create an alias and select 'Network/s' as the type. Click Apply.

4) Download the current aliases json file using the 'cloud and down arrow' icon to the right in Firewall/Aliases. You may want to make a backup of this file somewhere else.

5) Open up this downloaded 'aliases.json' file and paste the content of your text editor's text into the "content" section of the new alias that you've created; make sure there's no \n at the end. Save the file.

6) In Firewall/Aliases, click the 'cloud and up arrow' and then browse to your downloaded 'aliases.json' file that you've just modified. Click upload.

7) If there are errors in the file then opnsense will inform you so you can edit the file, save and then try another upload. For example there were around ten instances of netblocks in my file which didn't have a forward slash before the CIDR suffix. I'm not sure whether this was a result of the 'tr' command above but it was painless to edit such a small amount given the thousands of entries I had in this file.

If there are no errors, click Apply. If nothing appears to be different on the Aliases page then navigate away from it and then back to the Aliases page again. You should now see your new alias which contains many netblock entries.

8) Create a firewall rule using the alias you just uploaded that contains the multiple netblocks as a 'source'. Make sure to add a description as this will appear in the firewall logs as a 'label'. Save your rule and move it to an appropriate place in your list of firewall rules.

9) If all goes well, you should see entries from the netblock alias showing up in Firewall/Log Files/Live View.

10) Relish in the delight of having considerably fewer naughty networks banging away at your services relentlessly.


Thanks for reading.


Pete.
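
Added example, not part of the original post: a Python sketch that does the work of steps 1, 2 and 7 in one pass by checking every line as a netblock, reporting the ones that need a manual fix (such as a missing slash), and emitting the \n-joined text for the alias's "content" value with no trailing \n. The sample addresses are constructed from documentation ranges, the function names are hypothetical, and requiring every line to be in CIDR form is an assumption about the input file.

```python
import ipaddress
import json

# Constructed sample input: one netblock per line, using documentation ranges.
SAMPLE = """198.51.100.0/24
203.0.113.0/24
192.0.2.024
2001:db8::/32
203.0.113.0/24
198.51.100.77/25
not-a-netblock/24
"""

def build_alias_content(lines):
    """Validate netblocks; return (content, rejected).

    content  -- accepted netblocks joined by newlines, no trailing newline
    rejected -- (line_number, text, reason) for each line needing a manual fix
    """
    accepted, rejected, seen = [], [], set()
    for number, raw in enumerate(lines, 1):
        entry = raw.strip()
        if not entry:
            continue
        if "/" not in entry:
            # The failure described in step 7: the slash is missing.
            rejected.append((number, entry, "missing '/' before CIDR suffix"))
            continue
        try:
            # strict=False normalises host bits: 198.51.100.77/25 -> 198.51.100.0/25
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError as exc:
            rejected.append((number, entry, str(exc)))
            continue
        if net not in seen:  # drop exact duplicates, keep first-seen order
            seen.add(net)
            accepted.append(str(net))
    return "\n".join(accepted), rejected

def as_json_string(content):
    """Return content as a JSON string literal; each newline becomes the
    two-character escape \\n, ready to paste as the alias "content" value."""
    return json.dumps(content)

if __name__ == "__main__":
    content, rejected = build_alias_content(SAMPLE.splitlines())
    for number, entry, reason in rejected:
        print(f"line {number}: {entry!r}: {reason}")
    print(as_json_string(content))
```

The printed JSON string already includes its surrounding double quotes, so it replaces the whole quoted "content" value in the downloaded aliases.json.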

thereturn:
Thanks for this. Coming from pfsense, this has been a challenge, as I was using pfblocker, which created a list via the ASN.
