Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Update IPTables with IP's from OpenBL
#!/bin/bash
CHAINLIST=$(/sbin/iptables -nL | grep 'Chain block-traffic-from-openbl' | cut -d\ -f 2)
if [ -z $CHAINLIST ]; then
/sbin/iptables -N block-traffic-from-openbl
/sbin/iptables -A INPUT -j block-traffic-from-openbl
fi
BLACKLIST=$(/usr/bin/curl -fs http://www.openbl.org/lists/base_7days.txt.gz | gunzip | egrep "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}")
if [ $? -ne 0 ]; then
echo "Blacklist download failed."
exit
fi
/sbin/iptables -F block-traffic-from-openbl
IPCOUNT=$(echo $BLACKLIST | tr ' ' '\n' | wc -l)
echo "Adding $IPCOUNT IPs to blacklist. - $(date)"
echo $BLACKLIST | tr ' ' '\n' | while read -r line ; do
case "$line" in \#*) continue ;; esac
/sbin/iptables -A block-traffic-from-openbl -p tcp -s $line -j REJECT --reject-with tcp-reset
done
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment