![](https://lemmy.horwood.cloud/pictrs/image/a4d4857b-ac3b-4250-9621-e25526f3968f.png)
![](https://lemmy.world/pictrs/image/8286e071-7449-4413-a084-1eb5242e2cf4.png)
I would have a cron that runs a script to pull the list and update IPset, this might not work.
make a file on your docker server with the below in it, set the file to execute chmod +x file.sh
#!/bin/sh
ipset -q flush ipsum
ipset -q create ipsum hash:ip
for ip in $(curl --compressed https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt 2>/dev/null | grep -v "#" | grep -v -E "\s[1-2]$" | cut -f 1); do ipset add ipsum $ip; done
iptables -D INPUT -m set --match-set ipsum src -j DROP 2>/dev/null
iptables -I INPUT -m set --match-set ipsum src -j DROP
Then add a cron file in /etc/cron.d
that runs the script every 24 hours
10 3 * * * root /root/file.sh
I have my portainer behind an oath proxy, using keycloak as the Auth provider