Public | Automated Build

Last pushed: 9 months ago
Short Description
go-blackhole docker image
Full Description


go-blackhole watches the systemd journal for failed SSH login/authentication attempts and automatically blacklists these IPs for a fixed duration by adding a blackhole route.

Get it

Release binaries for linux amd64 platforms are built by default and can be downloaded from the Releases page.

A Docker image is also available: bwalex/go-blackhole. Check out example/k8s-blackhole.yaml for a usage example as a Kubernetes DaemonSet.

For other platforms or to build from source, clone the repository and just run make.


Usage of dist/go-blackhole:
  -blacklist-duration duration
        blacklist duration (default 30m0s)
  -db string
        database file location (default "/var/lib/blackhole.db")
  -ipv4-prefix int
        IPv4 prefix length to blacklist (default 32)
  -ipv6-prefix int
        IPv6 prefix length to blacklist (default 64)
  -journal-path string
        systemd journal path (default "/var/log/journal")


go-blackhole is released under the MIT License.

Docker Pull Command
Source Repository