To block traffic from TOR using CSF firewall, edit
vi /etc/csf/csf.blocklists
Add following to end of the file
TOR|86400|0|https://www.dan.me.uk/torlist/
86400 = Tor IP list updated every 86400 seconds (12 hours), you can change this if required, but updating every 12 hours is fine for such a large list.
Now restart CSF and LFD
csf -r systemctl restart lfd
You can verify IPs get added to firewall by running
iptables -L -n
You wills see DROP lines for each of the TOR IP address.
# iptables -L -n | grep DROP | wc -l 5955 #
You will be able to see the downloaded TOR IP list at
/var/lib/csf/csf.block.TOR
Leave a Reply