pallas/spamhaus-update.sh

## spamhaus-update.sh
#!/bin/bash
# Author: Derrick Pallas
# License: zlib
BASE='spamhaus-set'
TEMP=${BASE}$$

ipset create -exist "$BASE" hash:net || exit 1
iptables -w 300 -nL INPUT | grep -q "$BASE" ||
(
        ( iptables -N "$BASE" || iptables -F "$BASE" ) &&
        iptables -A "$BASE" -m set --match-set "$BASE" src -j DROP &&
        iptables -A INPUT ! -i lo -j "$BASE" &&
        true
) || exit 1

function atexit {
        ipset destroy "$TEMP"
} ; trap atexit EXIT

ipset create "$TEMP" hash:net &&
( set -o pipefail
curl -s \
        https://www.spamhaus.org/drop/drop.txt \
        https://www.spamhaus.org/drop/edrop.txt \
        |
sed -e '/^#/d' -e 's/;.\+$//' |
cut -f 1 |
sort -u |
grep -v : |
while read net ; do
        ipset add "$TEMP" "$net" 2>/dev/null
done
) && ipset swap "$TEMP" "$BASE"
#
	#!/bin/bash
	# Author: Derrick Pallas
	# License: zlib
	BASE='spamhaus-set'
	TEMP=${BASE}$$

	ipset create -exist "$BASE" hash:net \|\| exit 1
	iptables -w 300 -nL INPUT \| grep -q "$BASE" \|\|
	(
	( iptables -N "$BASE" \|\| iptables -F "$BASE" ) &&
	iptables -A "$BASE" -m set --match-set "$BASE" src -j DROP &&
	iptables -A INPUT ! -i lo -j "$BASE" &&
	true
	) \|\| exit 1

	function atexit {
	ipset destroy "$TEMP"
	} ; trap atexit EXIT

	ipset create "$TEMP" hash:net &&
	( set -o pipefail
	curl -s \
	https://www.spamhaus.org/drop/drop.txt \
	https://www.spamhaus.org/drop/edrop.txt \
	\|
	sed -e '/^#/d' -e 's/;.\+$//' \|
	cut -f 1 \|
	sort -u \|
	grep -v : \|
	while read net ; do
	ipset add "$TEMP" "$net" 2>/dev/null
	done
	) && ipset swap "$TEMP" "$BASE"
	#