a2nt/generate-nginx-iblock

## generate-nginx-iblock
#!/usr/bin/env sh

# Required: ipcalc to convert IP Ranges to IP CIDR format supported by nginx
# http://ipcalc.readthedocs.io/en/latest/
# Debian based installation: apt install ipcalc

get_blacklist(){
    wget $1 -O /tmp/iblocklist.gz
    gzip -d /tmp/iblocklist.gz
    grep -o '^[^#]*' /tmp/iblocklist | awk -F ":" 'NF {system("ipcalc " $2 " | tail -1 | xargs echo -n"); print " 1;"}' >> /tmp/iblock-list.conf
    rm /tmp/iblocklist

}

rm /tmp/iblocklist.gz
rm /tmp/iblocklist
rm /tmp/iblock-list.conf

# DROP
get_blacklist 'http://list.iblocklist.com/?list=zbdlwrqkabxbcppvrnos&fileformat=p2p&archiveformat=gz'
# hijacked
get_blacklist 'http://list.iblocklist.com/?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz'
# known Hackers
get_blacklist 'http://list.iblocklist.com/?list=xpbqleszmajjesnzddhv&fileformat=p2p&archiveformat=gz'
# forum spammers
get_blacklist 'http://list.iblocklist.com/?list=ficutxiwawokxlcyoeye&fileformat=p2p&archiveformat=gz'
# webexploit
get_blacklist 'http://list.iblocklist.com/?list=ghlzqtqxnzctvvajwwag&fileformat=p2p&archiveformat=gz'
# ZEUS
get_blacklist 'http://list.iblocklist.com/?list=ynkdjqsjyfmilsgbogqf&fileformat=p2p&archiveformat=gz'
# CruzIT
get_blacklist 'http://list.iblocklist.com/?list=czvaehmjpsnwwttrdoyl&fileformat=p2p&archiveformat=gz'
# Anti copyrighters
#get_blacklist 'http://list.iblocklist.com/?list=ydxerpxkpcfqjaybcssw&fileformat=p2p&archiveformat=gz'
get_blacklist 'http://list.iblocklist.com/?list=ua&fileformat=p2p&archiveformat=gz'

# write nginx config
LISTIBLOCK=/etc/nginx/conf.d/iblock-list.conf
echo '# WARNING! This file was generated. Do not change!' > "${LISTIBLOCK}"
echo 'geo $iblock {' >> "${LISTIBLOCK}"
echo 'default 0;' >> "${LISTIBLOCK}"
sort /tmp/iblock-list.conf | sed -e 's/^[ \t]*//' | sed '/ipcalc 0.41 1;/d' | sed '/$1;/d' | uniq >> "${LISTIBLOCK}"
echo '}' >> "${LISTIBLOCK}"

rm /tmp/iblock-list.conf
	#!/usr/bin/env sh

	# Required: ipcalc to convert IP Ranges to IP CIDR format supported by nginx
	# http://ipcalc.readthedocs.io/en/latest/
	# Debian based installation: apt install ipcalc

	get_blacklist(){
	wget $1 -O /tmp/iblocklist.gz
	gzip -d /tmp/iblocklist.gz
	grep -o '^[^#]*' /tmp/iblocklist \| awk -F ":" 'NF {system("ipcalc " $2 " \| tail -1 \| xargs echo -n"); print " 1;"}' >> /tmp/iblock-list.conf
	rm /tmp/iblocklist

	}

	rm /tmp/iblocklist.gz
	rm /tmp/iblocklist
	rm /tmp/iblock-list.conf

	# DROP
	get_blacklist 'http://list.iblocklist.com/?list=zbdlwrqkabxbcppvrnos&fileformat=p2p&archiveformat=gz'
	# hijacked
	get_blacklist 'http://list.iblocklist.com/?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz'
	# known Hackers
	get_blacklist 'http://list.iblocklist.com/?list=xpbqleszmajjesnzddhv&fileformat=p2p&archiveformat=gz'
	# forum spammers
	get_blacklist 'http://list.iblocklist.com/?list=ficutxiwawokxlcyoeye&fileformat=p2p&archiveformat=gz'
	# webexploit
	get_blacklist 'http://list.iblocklist.com/?list=ghlzqtqxnzctvvajwwag&fileformat=p2p&archiveformat=gz'
	# ZEUS
	get_blacklist 'http://list.iblocklist.com/?list=ynkdjqsjyfmilsgbogqf&fileformat=p2p&archiveformat=gz'
	# CruzIT
	get_blacklist 'http://list.iblocklist.com/?list=czvaehmjpsnwwttrdoyl&fileformat=p2p&archiveformat=gz'
	# Anti copyrighters
	#get_blacklist 'http://list.iblocklist.com/?list=ydxerpxkpcfqjaybcssw&fileformat=p2p&archiveformat=gz'
	get_blacklist 'http://list.iblocklist.com/?list=ua&fileformat=p2p&archiveformat=gz'

	# write nginx config
	LISTIBLOCK=/etc/nginx/conf.d/iblock-list.conf
	echo '# WARNING! This file was generated. Do not change!' > "${LISTIBLOCK}"
	echo 'geo $iblock {' >> "${LISTIBLOCK}"
	echo 'default 0;' >> "${LISTIBLOCK}"
	sort /tmp/iblock-list.conf \| sed -e 's/^[ \t]*//' \| sed '/ipcalc 0.41 1;/d' \| sed '/$1;/d' \| uniq >> "${LISTIBLOCK}"
	echo '}' >> "${LISTIBLOCK}"

	rm /tmp/iblock-list.conf