Skip to content
/ UFW-SpamVerify-Reporter Public

A tool (with a simple installer) that monitors UFW firewall logs in real time and reports IP addresses to the SpamVerify database.

License

GPL-3.0 license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sefinek/UFW-SpamVerify-Reporter

BranchesTags

Repository files navigation

🛡️ UFW SpamVerify Reporter

A utility designed to analyze UFW logs and report IP addresses blocked by the firewall to the SpamVerify database.
To prevent excessive reporting of the same IP address within a short period, the tool uses a temporary cache file to track previously reported IP addresses.

⭐ If you like this repository or find it useful, I'd greatly appreciate it if you could give it a star. Many thanks!
Also, check this out: sefinek/Cloudflare-WAF-To-AbuseIPDB

Important

  • If you'd like to make changes to any files in this repository, please start by creating a public fork.
  • UDP traffic should not be reported!

📋 Requirements

  1. Node.js + npm
  2. PM2 (npm i pm2 -g)
  3. Git
  4. Ubuntu Server or Debian

✅ Features

  1. Easy Configuration – The config.js file allows for quick and simple customization.
  2. Simple Installer – Enables fast and seamless integration deployment.
  3. Self-IP Protection (IPv4 & IPv6) – The script will never report an IP address belonging to you or your server, even if you use a dynamic IP.
  4. Discord Webhooks Integration:
    • Important notifications.
    • Alerts for script errors.
    • Daily summaries of reported IP addresses.
  5. Automatic Updates – The script regularly fetches and applies the latest updates. If you want, you can disable it, of course.

📥 Installation (Ubuntu & Debian)

Automatic (easy & fast & recommenced)

Via curl

bash <(curl -fsS https://raw.githubusercontent.com/sefinek/UFW-SpamVerify-Reporter/main/install.sh)

Via wget

bash <(wget -qO- https://raw.githubusercontent.com/sefinek/UFW-SpamVerify-Reporter/main/install.sh)

Manually

Node.js installation

sudo apt install -y curl
curl -fsSL https://deb.nodesource.com/setup_22.x -o nodesource_setup.sh
sudo -E bash nodesource_setup.sh && sudo apt install -y nodejs

Git installation

sudo add-apt-repository ppa:git-core/ppa
sudo apt update && sudo apt -y install git

Commands

sudo apt update && sudo apt upgrade
cd ~
git clone https://github.com/sefinek/UFW-SpamVerify-Reporter.git --recurse-submodules
cd UFW-SpamVerify-Reporter
npm install
cp config.default.js config.js
sudo chmod 644 /var/log/ufw.log
node .
^C
npm install pm2 -g
sudo mkdir /var/log/ufw-spamverify
sudo chown $USER:$USER /var/log/ufw-spamverify -R
pm2 start
pm2 startup
[Paste the command generated by pm2 startup]
pm2 save

🖥️ Usage

After a successful installation, the script will run continuously in the background, monitoring UFW logs and automatically reporting IP addresses.

Servers are constantly scanned by bots, usually looking for security vulnerabilities and similar weaknesses. So don't be surprised if the number of reports sent to AbuseIPDB exceeds a thousand the next day.

🔍 Checking logs

pm2 logs ufw-spamverify

📄 Example reports

Blocked by UFW on homeserver1 [30049/tcp]. Generated by: https://github.com/sefinek/UFW-SpamVerify-Reporter

🤝 Development

If you want to contribute to the development of this project, feel free to create a new Pull request. I will definitely appreciate it!

🔑 GPL-3.0 License

Copyright 2025 © by Sefinek. All rights reserved.

About

A tool (with a simple installer) that monitors UFW firewall logs in real time and reports IP addresses to the SpamVerify database.

Topics

server ubuntu tool firewall reporter server-management firewall-configuration ufw ufw-firewall reporting-tool spamverify

Resources

Readme

License

GPL-3.0 license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Sponsor this project

  •  
Learn more about GitHub Sponsors

Languages