solarisfire/iptable_block_defederated.sh

## iptable_block_defederated.sh
#############################################################################
#
#  Script to Firewall Defederated Servers from Local Instance
#  Modified from original at: https://wiki.friendsofdesoto.social/en/Technical_Details#defederation-firewall
#
#############################################################################
#!/bin/bash

#Set the name of the Mastodon Database
DB=mastodon_production

ipset -L defederated >/dev/null 2>&1
if [ $? -ne 0 ]; then
ipset create defederated hash:net
iptables -I INPUT -m set --match-set defederated src -j DROP
else
ipset flush defederated
fi
list=`sudo -u postgres psql -d $DB -t -c "select domain from domain_blocks where severity=1;"`
for i in $list
do
ips=`dig +short $i`
for p in $ips
do
ipset add defederated $p
done
done
	#############################################################################
	#
	# Script to Firewall Defederated Servers from Local Instance
	# Modified from original at: https://wiki.friendsofdesoto.social/en/Technical_Details#defederation-firewall
	#
	#############################################################################
	#!/bin/bash

	#Set the name of the Mastodon Database
	DB=mastodon_production

	ipset -L defederated >/dev/null 2>&1
	if [ $? -ne 0 ]; then
	ipset create defederated hash:net
	iptables -I INPUT -m set --match-set defederated src -j DROP
	else
	ipset flush defederated
	fi
	list=`sudo -u postgres psql -d $DB -t -c "select domain from domain_blocks where severity=1;"`
	for i in $list
	do
	ips=`dig +short $i`
	for p in $ips
	do
	ipset add defederated $p
	done
	done