Grab Spamhaus DROP list and create a pf compatible blocklist

spamhaus.sh

#!/bin/sh

# This is an OpenBSD compatible shell script using the ftp utility 
# to download the latest Spamhaus DROP list IP ranges and create a
# pf compatible IP list

# Files (make sure the PFDROP file actually exists)
PFDROP=/etc/blocklists/spamhaus

# Lists
set -A BLOCKLISTS \
	"https://www.spamhaus.org/drop/drop.txt"	\
	"https://www.spamhaus.org/drop/edrop.txt"	\
	"https://www.spamhaus.org/drop/dropv6.txt"

# Use the following format on Linux
# BLOCKLISTS=(
#	"https://www.spamhaus.org/drop/drop.txt"
#	"https://www.spamhaus.org/drop/edrop.txt"
#	"https://www.spamhaus.org/drop/dropv6.txt"
#)

# Create tempfiles
TMP1=`mktemp -t dropraw.XXXXXXXXXX` || exit 1
TMP2=`mktemp -t dropcom.XXXXXXXXXX` || exit 1

# Download and process each blocklist
for URL in "${BLOCKLISTS[@]}"; do 
	
	# Blocklist header
	echo -e "\n\n# Blocklist: $URL\n" >>$TMP2
	
	# Fetch the drop list and store in temp file
	ftp -o $TMP1 $URL
	
	# If you're on Linux, comment the above line and uncomment this line
	# wget -q -O $TMP1 $URL
	
	# Clean up the list into pf digestible format
	cut -d ';' -f 1 $TMP1 | sed -e '/^$/d' >>$TMP2
	
done

# Comment header (starts by overwriting)
echo "# Combined Spamhaus blocklist " >$PFDROP
echo "# Generated for `hostname` on `date`" >>$PFDROP

# Remove any duplicates (preserving whitespaces)
awk '!NF || a[$0]++' $TMP2

# Append compiled list
cat $TMP2 >>$PFDROP

# Clean up temp files
rm -f $TMP1
rm -f $TMP2

echo "Generated blocklist on `date`"

# To use this, first make sure the following 3 lines are in your pf.conf :

# table <spamhaus> persist file "/etc/blocklists/spamhaus"
# block in quick on egress from <spamhaus> to any
# block return out quick on egress from any to <spamhaus>