stackia/anti-dns-spoofing-iptables.sh

## anti-dns-spoofing-iptables.sh
#!/bin/bash
BADIP="74.125.127.102 74.125.155.102 74.125.39.102 74.125.39.113 209.85.229.138 128.121.126.139 159.106.121.75 169.132.13.103 192.67.198.6 202.106.1.2 202.181.7.85 203.161.230.171 203.98.7.65 207.12.88.98 208.56.31.43 209.145.54.50 209.220.30.174 209.36.73.33 211.94.66.147 213.169.251.35 216.221.188.182 216.234.179.13 243.185.187.39 37.61.54.158 4.36.66.178 46.82.174.68 59.24.3.173 64.33.88.161 64.33.99.47 64.66.163.251 65.104.202.252 65.160.219.113 66.45.252.237 72.14.205.104 72.14.205.99 78.16.49.15 8.7.198.45 93.46.8.89"
for IP in $BADIP
do
  hexip=$(printf '%02X ' ${IP//./ }; echo)
  #echo $hexip
  iptables -I INPUT -p udp --sport 53 -m string --algo bm --hex-string "|$hexip|" --from 60 --to 180 -j DROP
  iptables -I FORWARD -p udp --sport 53 -m string --algo bm --hex-string "|$hexip|" --from 60 --to 180 -j DROP
done
	#!/bin/bash
	BADIP="74.125.127.102 74.125.155.102 74.125.39.102 74.125.39.113 209.85.229.138 128.121.126.139 159.106.121.75 169.132.13.103 192.67.198.6 202.106.1.2 202.181.7.85 203.161.230.171 203.98.7.65 207.12.88.98 208.56.31.43 209.145.54.50 209.220.30.174 209.36.73.33 211.94.66.147 213.169.251.35 216.221.188.182 216.234.179.13 243.185.187.39 37.61.54.158 4.36.66.178 46.82.174.68 59.24.3.173 64.33.88.161 64.33.99.47 64.66.163.251 65.104.202.252 65.160.219.113 66.45.252.237 72.14.205.104 72.14.205.99 78.16.49.15 8.7.198.45 93.46.8.89"
	for IP in $BADIP
	do
	hexip=$(printf '%02X ' ${IP//./ }; echo)
	#echo $hexip
	iptables -I INPUT -p udp --sport 53 -m string --algo bm --hex-string "\|$hexip\|" --from 60 --to 180 -j DROP
	iptables -I FORWARD -p udp --sport 53 -m string --algo bm --hex-string "\|$hexip\|" --from 60 --to 180 -j DROP
	done