merging and credits, added malc0de IP blacklist

README.md

@@ -11,11 +11,22 @@ I have also added the capability to block all Chinese and/or Korean IP Addresses
 
 2.2 added Dshields top 20 blocks of IP addresses that are malicious, and blocks them daily. It has been merged into the /etc/cron.daily/blacklist created prior. The Dshield script was originally found at https://github.com/koconder/dshield_automatic_iptables
 
-2.3 is a big fix for some bugs I had, so longer requires editing interfaces file. Instead install iptables-persistent, replaces the /etc/init.d/iptables-persistent with another one on GitHub ( https://github.com/jordanrinke/ipsets-persistent ). This does the same for IPtables, but also will save and restore ipset lists as well. The new init.d file has added the ability to save iptables and ipsec configuration from the service command.
+2.3 is a big fix for some bugs I had, so longer requires editing interfaces file. Instead install iptables-persistent, replaces the /etc/init.d/iptables-persistent with another one on GitHub ( https://github.com/jordanrinke/ipsets-persistent ). Read below where it says ipsets-persistent
 
 2.4 Added the Tor exit node blocking being optional, and rearranged some code and files.
 
 Simply run this once, and that's it.
 sudo ./install.sh 
 alon@ganon.me
+
 https://alonganon.info
+
+
+ipsets-persistent
+=================
+
+init.d script for iptables-persistent on Debian/Ubuntu that also saves/loads ipsets
+
+
+I added checking for and saving ipsets. sets are saved in the same place as the other rules in a file named rules.ipset. Rules are only saved if they are defined, same with flushing and loading. Instead of checking to see if ipset is installed on the load, I just check for the rules.ipset file, since if that doesn't exist loading does't make sense. There might be better ways to do it, feel free to submit a pull etc. this is just the way I made it work for me.
+

conf/blacklist

@@ -3,14 +3,13 @@ IPTABLES=/sbin/iptables
 URL=http://feeds.dshield.org/block.txt
 FILE=/tmp/dshield_block.text
 CHAIN=dshield
-
 IP_TMP=/tmp/ip.tmp
 IP_BLACKLIST=/etc/ip-blacklist.conf
 IP_BLACKLIST_TMP=/tmp/ip-blacklist.tmp
 BLACKLISTS=(
 # Project Honey Pot Directory of Dictionary Attacker IPs
 "http://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1" 
-# TOR Exit Nodes
+# TOR Exit Nodes this will block all access to Tor
 "http://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1"
 # BruteForceBlocker
 "http://danger.rulez.sk/projects/bruteforceblocker/blist.php" 
@@ -28,6 +27,8 @@ BLACKLISTS=(
 "https://www.malwaredomainlist.com/hostslist/ip.txt"
 # ZeusTracker
 "https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist"
+# malc0de IP blacklist
+"http://malc0de.com/bl/IP_Blacklist.txt"
 )
 for i in "${BLACKLISTS[@]}"
 do
@@ -53,7 +54,7 @@ done
 # Import Dshield Blocklist in a basic shell script which will run silently via cron
 # and also use a seprate chain file to support other iptables rules without flushing
 # i.e. fail2ban and ddosdeflate
-
+# some modifications by Alon Ganon (alon@ganon.me)
 
 
 # check to see if the chain already exists
@@ -65,7 +66,7 @@ if [ $? -eq 0 ]; then
     # flush the old rules
     $IPTABLES -F $CHAIN
 
-    echo "Flushed old rules. Applying updated dshield list...."    
+    echo "Flushed old rules..."    
 
 else