diff --git a/conf/blacklist b/conf/blacklist index 104233e5..2254583d 100644 --- a/conf/blacklist +++ b/conf/blacklist @@ -102,7 +102,4 @@ echo "Done!" # remove the spam list unlink $FILE -# Persistence -ipset save > /etc/iptables/rules.ipsets -iptables-save > /etc/iptables/rules.v4 -ip6tables-save > /etc/iptables/rules.v6 \ No newline at end of file +/etc/init.d/iptables-persistent save \ No newline at end of file diff --git a/conf/china b/conf/china index dbe47978..8a38549e 100644 --- a/conf/china +++ b/conf/china @@ -3,5 +3,4 @@ curl http://www.okean.com/antispam/iptables/rc.firewall.china > /tmp/china.sh chmod +x /tmp/china.sh source /tmp/china.sh rm -f /tmp/china.sh -invoke-rc.d iptables-persistent save - +/etc/init.d/iptables-persistent save diff --git a/conf/dialog.sh b/conf/dialog.sh index 66555510..9ae751c4 100755 --- a/conf/dialog.sh +++ b/conf/dialog.sh @@ -26,31 +26,23 @@ clear case $CHOICE in 1) echo "Are you Donald Trump?" - echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections - echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections cp conf/china /etc/cron.weekly/china chmod +x /etc/cron.weekly/china time /etc/cron.weekly/china - apt-get install -y iptables-persistent ;; 2) echo "Starting the Korean war again" - echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections - echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections cp conf/korea /etc/cron.weekly/korea chmod +x /etc/cron.weekly/korea time /etc/cron.weekly/korea - apt-get install -y iptables-persistent - ;; + ;; 3) echo "Blocking almost 1/3 of the world" - echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections - echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections cp conf/sinokorea /etc/cron.weekly/sinokorea chmod +x /etc/cron.weekly/sinokorea time /etc/cron.weekly/sinokorea - apt-get install -y iptables-persistent ;; + 4) echo "doing nothing" - ;; + ;; esac \ No newline at end of file diff --git a/conf/korea b/conf/korea index 178e0a0b..ba0e110d 100644 --- a/conf/korea +++ b/conf/korea @@ -3,4 +3,5 @@ curl http://www.okean.com/antispam/iptables/rc.firewall.korea > /tmp/korea.sh chmod +x /tmp/korea.sh source /tmp/korea.sh rm -f /tmp/korea.sh -invoke-rc.d iptables-persistent save +/etc/init.d/iptables-persistent save + diff --git a/conf/sinokorea b/conf/sinokorea index 1bd06b17..75ca14d0 100644 --- a/conf/sinokorea +++ b/conf/sinokorea @@ -3,5 +3,5 @@ curl http://www.okean.com/antispam/iptables/rc.firewall.sinokorea > /tmp/sinokor chmod +x /tmp/sinokorea.sh source /tmp/sinokorea.sh rm -f /tmp/sinokorea.sh -invoke-rc.d iptables-persistent save - +ipset save > /etc/ipset.up.rules +iptables-save > /etc/iptables.up.rules diff --git a/install.sh b/install.sh index 717e4c0c..9f97699e 100755 --- a/install.sh +++ b/install.sh @@ -13,22 +13,16 @@ if [[ $EUID -ne 0 ]]; then echo exit fi -echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections -echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections +echo iptables-persistent iptables-persistent/autosave_v4 boolean false | debconf-set-selections +echo iptables-persistent iptables-persistent/autosave_v6 boolean false | debconf-set-selections apt-get update -apt-get install -y ipset dialog -mkdir /etc/ipset +apt-get install -y ipset dialog iptables-persistent +cp conf/iptables-persistent /etc/init.d/iptables-persistent ipset create blacklist hash:net iptables -I INPUT -m set --match-set blacklist src -j DROP cp conf/blacklist /etc/cron.daily/blacklist chmod a+x /etc/cron.daily/blacklist time /etc/cron.daily/blacklist source conf/dialog.sh -apt-get install -y iptables-persistent -cp conf/iptables-persistent /etc/init.d/iptables-persistent -iptables-save > /etc/iptables/rules.v4 -ip6tables-save > /etc/iptables/rules.v6 -#invoke-rc.d iptables-persistent save -#sed -e '$i \/sbin/iptables-restore < /etc/iptables_rules\n' /etc/rc.local -#sed -i -e '$ \/sb +/etc/init.d/iptables-persistent save echo "Blacklist has been installed. It will run daily automatically."