GALILEUM SOC & NETWORK SECURITY
🛡️ FireGuard v2.2.2
Blacklist Manager — Authentication Required
🇬🇧 English 🇭🇺 Magyar 🇰🇷 한국어

You received the API key during installation.
If lost, generate a new one in the database.

GALILEUM SOC & NETWORK SECURITY
FireGuard v2.1
Blacklist Manager
v2.2.2 — Galileum / Andrews IT Engineering
Overview
📊 Dashboard
Blacklists
🔴 IP Blacklist —
🔵 Domain Blacklist —
Whitelists
🟢 IP Whitelist —
🟢 Domain Whitelist —
System
🔑 API Keys
📖 API Documentation
📋 Audit Log
❓ Help
🇬🇧 EN 🇭🇺 HU 🇰🇷 KO
API Online
Connected
Dashboard
Blocked IPs
—
active entries
Blocked Domains
—
active entries
Whitelisted IPs
—
active entries
Whitelisted Domains
—
active entries
Total Entries
—
active blacklist entries
API Calls
—
total requests
📋 Recent Activity
🔍 Quick Check
IP Categories
🔴 IP Blacklist
⬇ Export TXT
IP / CIDR Category Severity Hits Comment Status Added
🔵 Domain Blacklist
⬇ Export TXT
Domain Category Severity Hits Comment Status Added
🟢 IP Whitelist
⬇ Export TXT
IP / CIDR Category Severity Comment Status Added
🟢 Domain Whitelist
⬇ Export TXT
Domain Category Severity Comment Status Added
🔑 API Key Management
💡 Firewall Integration

Firewalls can authenticate to the API using the following methods:

Authorization header
Authorization: Bearer <api_key>
X-API-Key header
X-API-Key: <api_key>
Curl example — fetch flat list
curl -H "X-API-Key: <api_key>" \ https://your-server.com/fireguard/api/blacklist/flat
📖 API Documentation
Base URL: https://your-server.com/fireguard/api/
Authentication: X-API-Key: <key> or Authorization: Bearer <key>
📋 Audit Log
🚀 Quick Start
🔴
Blacklist
Add IP addresses, CIDR ranges, and domains that should be blocked. Firewalls periodically download the list via the export endpoints.
🟢
Whitelist
Entries on the whitelist always override the blacklist. The /api/blacklist/check endpoint returns whitelisted: true for these values.
🔍
Quick Check
On the Dashboard you can instantly check whether an IP or domain is blocked, whitelisted, or clear.
🔑
API Keys
Create one key per firewall or integration. The key is shown only once — save it in a password manager.
⬆ Bulk Import

Use the ⬆ Import button on any list page to upload a .txt or .csv file. Duplicates are skipped automatically.

TXT
# Komment sor — kihagyva
1.2.3.4
45.142.212.100
10.0.0.0/8
185.220.101.0/24
CSV
ip,category,severity,comment
1.2.3.4,malware,9,C2 server
10.0.0.0/8,botnet,7,
45.0.0.1,spam,5,Spam relay
CSV categories: spam, malware, botnet, scanner, tor, vpn, phishing, c2, adware, tracking, other. Severity: 1–10. Missing fields default to "other" / 5.
📡 API Reference

All endpoints require an API key except GET /api/stats. Pass the key as X-API-Key header, Authorization: Bearer, or ?api_key= query param.

Authentication
X-API-Key: fg_abc123...
Authorization: Bearer fg_abc123...
?api_key=fg_abc123...
Check endpoint
POST /api/blacklist/check
{ "value": "1.2.3.4" }

→ blocked: true / false
→ whitelisted: true / false
Method Endpoint Description
GET /api/ips List blocked IPs (filterable)
POST /api/ips Add IP to blacklist
GET /api/ips/export Plain text IP export for firewalls
GET /api/domains List blocked domains
POST /api/domains Add domain to blacklist
GET /api/domains/export Plain text domain export
GET /api/whitelistips List whitelisted IPs
POST /api/whitelistips Add IP to whitelist
GET /api/whitelistips/export Plain text whitelist IP export
GET /api/whitelistdomains List whitelisted domains
POST /api/whitelistdomains Add domain to whitelist
POST /api/import/{lista} Bulk import from TXT/CSV (lista: ip_blacklist | domain_blacklist | ip_whitelist | domain_whitelist)
POST /api/blacklist/check Check if value is blocked/whitelisted (increments hit_count)
GET /api/blacklist/flat Full blacklist as plain text for firewall import
GET /api/stats System statistics — public, no auth required
GET /api/audit Audit log (?type=ip|domain|api_key|whitelist)
🔥 Firewall Integration
Palo Alto
EDL — External Dynamic List
/api/ips/export?api_key=...
Fortinet FortiGate
External Threat Feed
/api/ips/export?api_key=...
pfSense / OPNsense
URL Table Alias
/api/ips/export?api_key=...
Mikrotik RouterOS
/tool fetch script
/api/ips/export?api_key=...
iptables / ipset
Cron + curl
/api/blacklist/flat?api_key=...
🏷 Categories
Spam
Malware
Botnet
Scanner
Tor Exit Node
VPN / Proxy
Phishing
C2 (Command & Control)
Adware
Tracking
Other
ℹ About
🛡️ FireGuard
Self-hosted IP and domain blacklist/whitelist manager with REST API and web admin interface.
Version: v2.2.2
PHP: 8.4.18
License: MIT
Keyboard Shortcuts
F5 — Refresh current page
ESC — Close modal
? — Open this help page
🔴 Add IP to Blacklist
IPv4, IPv6 and CIDR notation (e.g. 10.0.0.0/8) are accepted.
1 = low risk, 10 = critical
🔵 Add Domain to Blacklist
Must be a full domain name (e.g. evil.ru, not http://evil.ru)
⬆ Import from file
TXT (one entry per line) or CSV (ip/domain, category, severity, comment).
TXT: 1.2.3.4  |  CSV: 1.2.3.4,malware,8,C2 server
🟢 Add IP to Whitelist
IPv4, IPv6 and CIDR notation (e.g. 10.0.0.0/8) are accepted.
1 = low risk, 10 = critical
🟢 Add Domain to Whitelist
Must be a full domain name (e.g. evil.ru, not http://evil.ru)
1 = low risk, 10 = critical
🔑 Create New API Key
✓ API key created successfully!
Save this key — it will not be shown again!