How to use Zenfirewall with nftables

To use this list directly with nftables, you can use this script, although I recommend always using dedicated software like CSF to manage a firewall.

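#!/bin/bash
#
# Downloads the Zenfirewall blocklist and loads it into the nftables set
# "blocked_ips" of table "inet filter", together with a rule in chain "input"
# that drops traffic from those addresses. Run as root: nft changes the live
# ruleset.
#
# The list is controlled by a third party and ends up in a drop rule, so every
# line is validated before it reaches nft, and the run aborts (leaving the
# ruleset untouched) when the download fails or yields no usable address.
#
# NOTE(review): nothing here exempts your own management addresses. If one of
# them ever appears in the list it is dropped like any other; keep an accept
# rule for trusted sources ahead of the drop rule if that matters to you.

set -euo pipefail

readonly LISTA_URL="https://zenfirewall.com/zenblock.txt"

# Private work directory instead of fixed names in /tmp: the script runs as
# root, and a predictable path in a world-writable directory can be pre-created
# or symlinked by another local user.
work_dir=$(mktemp -d) || { echo "mktemp failed" >&2; exit 1; }
trap 'rm -rf -- "${work_dir:?}"' EXIT

raw_file="$work_dir/ips_raw.txt"
ip_file="$work_dir/ips_valid.txt"
nft_file="$work_dir/blocked_ips.nft"

# Download the list. -f turns an HTTP error into a failure instead of saving
# the error page; --proto '=https' refuses any non-HTTPS transfer.
if ! curl -fsS --proto '=https' -o "$raw_file" "$LISTA_URL"; then
  echo "download failed: $LISTA_URL" >&2
  exit 1
fi

# Keep only plain dotted-quad IPv4 addresses whose octets are all 0-255; lines
# in any other form (comments, CIDR ranges, malformed entries) are skipped.
# One out-of-range octet would otherwise make nft reject the whole file.
# Carriage returns are stripped so a CRLF list is not discarded wholesale, and
# sort -u removes duplicates, which an interval set may refuse.
tr -d '\r' < "$raw_file" \
  | awk -F. '
      /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
        for (i = 1; i <= 4; i++) if (length($i) > 3 || $i + 0 > 255) next
        print
      }' \
  | LC_ALL=C sort -u > "$ip_file"

ip_count=$(wc -l < "$ip_file")
if (( ip_count == 0 )); then
  echo "no valid IPv4 addresses in the downloaded list; ruleset left unchanged" >&2
  exit 1
fi

# Add the drop rule only when it is not already in the chain, so that running
# the script again does not stack one more copy of the rule each time.
add_rule=1
existing_chain=$(nft list chain inet filter input 2>/dev/null || true)
if [[ "$existing_chain" == *'ip saddr @blocked_ips drop'* ]]; then
  add_rule=0
fi

# Build the nftables file. The set is flushed before the new elements are
# added, so addresses removed from the list upstream stop being blocked.
# nft -f applies the file as a single transaction.
{
  cat <<'EOF'
table inet filter {
    set blocked_ips {
        type ipv4_addr
        flags interval
    }

    chain input {
        type filter hook input priority 0; policy accept;
    }
}
flush set inet filter blocked_ips
add element inet filter blocked_ips {
EOF
  # One address per line, comma after every line except the last.
  sed -e 's/$/,/' -e '$ s/,$//' "$ip_file"
  echo '}'
  if (( add_rule )); then
    echo 'add rule inet filter input ip saddr @blocked_ips drop'
  fi
} > "$nft_file"

# Apply the configuration.
if ! nft -f "$nft_file"; then
  echo "nft rejected the generated ruleset" >&2
  exit 1
fi

# Report how many addresses were loaded. Counting lines that contain
# "elements" in the nft listing would print 1 whatever the set holds.
echo "Configuración aplicada. Total de elementos en set:"
echo "$((ip_count))"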

To make it permanent:

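# Save the live ruleset so that nftables.service restores it at boot.
# "flush ruleset" goes first so that reloading the file replaces the rules
# instead of loading a second copy on top of them. The file is written under a
# temporary name and moved into place, and the service is enabled only if that
# succeeded, so a failed dump never leaves a truncated configuration behind.
# This is a snapshot: the blocked addresses stay as they were when it was
# taken, until the list is reloaded and the ruleset saved again.
# NOTE(review): the configuration path depends on the distribution; check
# which file your nftables.service reads.
{ echo 'flush ruleset'; nft list ruleset; } > /etc/nftables.conf.new &&
  mv /etc/nftables.conf.new /etc/nftables.conf &&
  systemctl enable nftables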