Every day, we receive information about a few millions of packets that are blocked on the firewalls of Turris routers. These data contain useful information that is further used in our analyses and we've decided to publish them for usage in other projects.

The data are processed and clasified every week and behaviour of IP addresses that accessed a larger number of Turris routers is evaluated. The result is a list of addresses that have tried to obtain information about services on the router or tried to gain access to them. We publish this so called "greylist" that also contains a list of tags for each address which indicate what behaviour of the address was observed.

We do not recommend to use these data as a list of addresses that should be blocked but it can be used for example in analysis of the traffic in other networks. We hold no liability for damages resulting from usage of the published data.

Data can be downloaded from All published greylist files are signed with PGP key 1087 6666.

If you think that there is no reason for an IP address to be on the list or if you have any other questions regarding this list, contact us at email address

Do you want to join the project?

Join in!