replace table contents instead of reloading pf ruleset at each crontab interval

block country @ pf

#!/bin/sh

PFDIR=/etc/pf-files
ZONEFILE=blocked_zones

mkdir -p ${PFDIR}
> ${PFDIR}/${ZONEFILE}

for ZONE in cn az by kz kg ru tj tm uz vn
do
ftp -o - http://ipdeny.com/ipblocks/data/countries/${ZONE}.zone >> ${PFDIR}/${ZONEFILE}
#sleep 3 #respect ipdeny policies
done

pfctl -t blocked_zones -T replace `cat ${PFDIR}/${ZONEFILE}`