Last active
April 5, 2024 00:01
-
-
Save bfgits/355ab371267b44e166da607da5fcba9f to your computer and use it in GitHub Desktop.
get china ip
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #获取中国IP段 | |
| wget -c http://ftp.apnic.net/stats/apnic/delegated-apnic-latest | |
| cat delegated-apnic-latest | awk -F '|' '/CN/&&/ipv4/ {print $4 "/" 32-log($5)/log(2)}' | cat > ./cn_ip_list.conf | |
| # install ipset | |
| apt-get install ipset -y | |
| # create china ipset and add cn_ip_list into china ipset | |
| # https://ipset.netfilter.org/tips.html | |
| ipset -N china_ip_set hash:net maxelem 65536 | |
| for ip in $(cat './cn_rules.conf'); do | |
| ipset add china_ip_set $ip | |
| done | |
| # iptable使用china_ip_set 配置防火墙 | |
| iptables -t nat -A GW2 -p tcp -m set --match-set china_ip_set dst -j RETURN |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment