IPbandit is a tool that protects you from malicious IP addresses and CIDR blocks (IPv4/IPv6).
IPbandit aggregates several blacklists created by the community. You can select your lists, add or delete them,
and even create your own blacklists to block entire countries, for example.
It's an aggregation of lists of malicious IP addresses to integrate with your firewalls. Examples : Fortinet FortiGate, Palo Alto, pfSense, OPNsense, iptables, NFtables, etc...
Using the default lists, you'll already block approximately 300,000 malicious IP addresses.
Designed to improve the security of your critical servers. Secure your Linux infrastructure : RHEL, Centos, AlmaLinux, Rocky Linux, Debian, Ubuntu and the others.
currently Version 1.0 Nightly
IPbandit is free and open-source software licensed under the GNU General Public License v3.0 (GPLv3).
You are free to use, modify, and distribute this software in compliance with the license terms. See the LICENSE file for more details.
- 2026-01 Init project, share on github
- 2026-02 Version Alpha: IPv6, add custom config file
- 2026-03 Add Fail2ban extras option
- 2026-04 Version 1.0 NIGTHLY
- 2026-05 Version 1.0 BETA
- 2026-07 Version 1.0 RC (Release Candidate)
- 2026-09 Version 1.0 STABLE
- coming soon, extras option Ipset / Iptables / Nftables
You can use our lists generated directly from our web servers (default configuration) without installation.
Download the following files directly
- https://raw.githubusercontent.com/cl3m4x1l/IPbandit/refs/heads/main/list.d/IPbandit_all.txt
- https://raw.githubusercontent.com/cl3m4x1l/IPbandit/refs/heads/main/list.d/IPbandit_ipv4.txt
- https://raw.githubusercontent.com/cl3m4x1l/IPbandit/refs/heads/main/list.d/IPbandit_ipv4_subnet.txt
- https://raw.githubusercontent.com/cl3m4x1l/IPbandit/refs/heads/main/list.d/IPbandit_ipv6.txt
- https://raw.githubusercontent.com/cl3m4x1l/IPbandit/refs/heads/main/list.d/IPbandit_ipv6_subnet.txt
mkdir /opt/clemaxil
cd /opt/clemaxil/
git clone https://github.com/cl3m4x1l/IPbandit.gitmkdir /opt/clemaxil
cd /opt/clemaxil/
wget https://github.com/cl3m4x1l/IPbandit/archive/refs/heads/main.zip
unzip main.zip
mv IPbandit-main IPbanditNavigate to the parent directory
chown -R root:root /opt/clemaxil/IPbandit
cd /opt/clemaxil/IPbandit
chmod +x IPbandit.sh extras/aggregator.sh extras/fail2ban.shcd /opt/clemaxil/IPbandit/
./IPbandit.sh --aggregatorcrontab -eAdd this line, and adjust time
30 05 * * * nice -n 10 /opt/clemaxil/IPbandit/IPbandit.sh --aggregator >/dev/null 2>&1nano /etc/crond.d/IPbanditAdd this line, and adjust time
30 05 * * * root nice -n 10 /opt/clemaxil/IPbandit/IPbandit.sh --aggregator >/dev/null 2>&1With full options (see extras section)
30 05 * * * root nice -n 10 /opt/clemaxil/IPbandit/IPbandit.sh --fail2ban --aggregator >/dev/null 2>&1After execution, you will find the generated files in IPbandit/list.d directory, which you can then use for your services.
- IPbandit_all.txt
- IPbandit_ipv4.txt
- IPbandit_ipv4_subnet.txt
- IPbandit_ipv6.txt
- IPbandit_ipv6_subnet.txt
Note: IPdeny offers free downloads of GEO IP address blocks by country. You can add a list of IP addresses from a country to this directory. https://www.ipdeny.com/ipblocks/
You can add your own lists to the extras/list.d directory. Important ! Name your files with the .list extension.
You can choose which lists to download by editing the IPbandit_custom.txt file.
You can retrieve the list of IPs detected by fail2ban on your machine.
The Ips will be written in the files extras/list.d/myfail2ban.list.\ This file will then be imported directly by IPbandit.
You can run the scriptextras/fail2ban.sh separately
cd /opt/clemaxil/IPbandit/extras/
./fail2ban.sh or with the IPbandit options.
cd /opt/clemaxil/IPbandit/
./IPbandit.sh --fail2ban