Grab Spamhaus DROP list and create a pf compatible blocklist
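#!/bin/sh
# This is an OpenBSD compatible shell script using the ftp utility
# to download the latest Spamhaus DROP list IP ranges and create a
# pf compatible IP list.
#
# The existing blocklist is only overwritten after every download has
# succeeded and the combined result contains at least one network, so a
# failed or truncated fetch cannot silently empty the pf table file.

# Files (make sure the PFDROP file actually exists)
PFDROP=/etc/blocklists/spamhaus

# Lists. They are held in the positional parameters, which work the same
# way in OpenBSD's sh and in the POSIX shells found on Linux, so no
# shell-specific array syntax is needed.
set -- \
  "https://www.spamhaus.org/drop/drop.txt" \
  "https://www.spamhaus.org/drop/edrop.txt" \
  "https://www.spamhaus.org/drop/dropv6.txt"

# Only lines that look like an IPv4/IPv6 network in CIDR notation are
# kept; anything else (for example an HTML error page returned instead of
# the list) is dropped rather than written into the pf table file.
CIDR_RE='^[0-9A-Fa-f:.]+/[0-9]+$'

# Create tempfiles
TMP1=$(mktemp -t dropraw.XXXXXXXXXX) || exit 1
TMP2=$(mktemp -t dropcom.XXXXXXXXXX) || { rm -f -- "$TMP1"; exit 1; }

# Remove the temp files on every exit path, including interruption
trap 'rm -f -- "$TMP1" "$TMP2"' EXIT
trap 'exit 1' HUP INT TERM

# Download and process each blocklist
for URL in "$@"; do
  # Blocklist header
  printf '\n\n# Blocklist: %s\n\n' "$URL" >>"$TMP2"

  # Fetch the drop list and store in temp file. Abort on failure so that
  # stale data left in TMP1 by the previous iteration is never reused.
  # If you're on Linux, replace "ftp -o" with "wget -q -O" here.
  if ! ftp -o "$TMP1" "$URL"; then
    printf 'Download failed: %s (leaving %s unchanged)\n' "$URL" "$PFDROP" >&2
    exit 1
  fi

  # Clean up the list into pf digestible format: keep the field before
  # the ';' comment, trim trailing blanks, keep only CIDR-looking lines.
  # An individual list may be empty, so grep's "no match" status is not
  # treated as an error here; the combined result is checked below.
  cut -d ';' -f 1 "$TMP1" \
    | sed -e 's/[[:space:]]*$//' \
    | grep -E "$CIDR_RE" >>"$TMP2"
done

# Refuse to install a list that contains no networks at all
if ! grep -Eq "$CIDR_RE" "$TMP2"; then
  printf 'No valid networks downloaded (leaving %s unchanged)\n' "$PFDROP" >&2
  exit 1
fi

# Remove any duplicates (preserving blank lines). The first occurrence of
# each line is kept; TMP1 is reused to hold the de-duplicated result.
awk '!NF || !seen[$0]++' "$TMP2" >"$TMP1" || exit 1

# Write the comment header and the compiled list in a single step
{
  echo "# Combined Spamhaus blocklist "
  echo "# Generated for $(hostname) on $(date)"
  cat "$TMP1"
} >"$PFDROP" || {
  printf 'Could not write %s\n' "$PFDROP" >&2
  exit 1
}

echo "Generated blocklist on $(date)"

# To use this, first make sure the following 3 lines are in your pf.conf :
# table <spamhaus> persist file "/etc/blocklists/spamhaus"
# block in quick on egress from <spamhaus> to any
# block return out quick on egress from any to <spamhaus>
#
# pf does not re-read the file on its own. After regenerating the list,
# reload the table, e.g.:
# pfctl -t spamhaus -T replace -f /etc/blocklists/spamhaus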