Created
April 10, 2016 23:40
-
-
Save AysadKozanoglu/a95346de3dc748ab03eb7bdbbd6b73b6 to your computer and use it in GitHub Desktop.
spamhaus blacklisted iptable blocker script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| IPT=”/bin/iptables” | |
| FILE=”/tmp/drop.lasso” | |
| URL=”http://www.spamhaus.org/drop/drop.lasso” | |
| echo “” | |
| echo -n “Deleting DROP list from existing firewall…” | |
| #This will delete all dropped ips from firewall | |
| ipdel=$(cat $FILE | egrep -v ‘^;’ | awk ‘{ print $1}’) | |
| for ipblock in $ipdel | |
| do | |
| $IPT -D spamhaus-droplist -s $ipblock -j DROP | |
| $IPT -D droplist -s $ipblock -j LOG –log-prefix “DROP Spamhaus List” | |
| done | |
| echo -n “Applying DROP list to existing firewall…” | |
| #This will drop all ips from spamhaus list. | |
| [ -f $FILE ] && /bin/rm -f $FILE || : | |
| cd /tmp | |
| wget $URL | |
| blocks=$(cat $FILE | egrep -v ‘^;’ | awk ‘{ print $1}’) | |
| $IPT -N spamhaus-droplist | |
| for ipblock in $blocks | |
| do | |
| $IPT -A droplist -s $ipblock -j LOG –log-prefix “DROP Spamhaus List” | |
| $IPT -A droplist -s $ipblock -j DROP | |
| done | |
| $IPT -I INPUT -j droplist | |
| $IPT -I OUTPUT -j droplist | |
| $IPT -I FORWARD -j droplist | |
| echo “…Done” |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment