how to add malware dns file to OpenVPN server via iptables?

I assume I can regularly download a file of current malware dns numbers?

If so, if I add these addresses to my Linode iptables, will this list server to also block malware sites that might be accessed by OpenVPN clients using my Linode OpenVPN server?

Or, is there another way to add such updated malware lists?

I do regularly update lists from into my fail2ban scripts, so I thought this might be a good way of also protecting openvpn clients.

3 Replies

Seems like it ought to be doable. Will just mention that it may be worth looking into ipset ( to handle the list of IPs, then reference that ipset in an iptables rule.

I've used ipset for quite awhile, but not to update blacklists. I've been using the code on for the past year. I tried the alternative code by d–j using ipset suggested on that page, but it never has worked properly.

This does not seem to work. I picked a few IPs that are in my DROP list in my Linode iptables, e.g., iptables -w -L -v -n, and my clients that use my Linode OpenVPN server can still access those IPs in browsers.


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct