diff --git a/setup/blocklist.sh b/setup/blocklist.sh new file mode 100644 index 00000000..8923e23f --- /dev/null +++ b/setup/blocklist.sh @@ -0,0 +1,12 @@ +#!/bin/bash +# Add Blocklist.de malicious IP Addresses to Daily Crontab +# Also IPtables-persistent to save IP addresses upon reboot +# Added by Alon "ChiefGyk" Ganon +cp conf/blocklist/sync-fail2ban /etc/cron.daily/sync-fail2ban +chmod a+x /etc/cron.daily/sync-fail2ban +time /etc/cron.daily/sync-fail2ban +echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections +echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections +apt_install iptables-persistent +iptables-save > /etc/iptables/rules.v4 +ip6tables-save > /etc/iptables/rules.v6 \ No newline at end of file diff --git a/setup/start.sh b/setup/start.sh index 9d19a411..f4af0d07 100755 --- a/setup/start.sh +++ b/setup/start.sh @@ -127,6 +127,9 @@ management/ssl_certificates.py -q # If there aren't any mail users yet, create one. source setup/firstuser.sh +#Setup Blocklist +source setup/blocklist.sh + # Done. echo echo "-----------------------------------------------" diff --git a/setup/system.sh b/setup/system.sh index a9968b92..cc152524 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -298,15 +298,3 @@ cat conf/fail2ban/jail.local \ cp conf/fail2ban/dovecotimap.conf /etc/fail2ban/filter.d/dovecotimap.conf restart_service fail2ban - -# Add Blocklist.de malicious IP Addresses to Daily Crontab -# Also IPtables-persistent to save IP addresses upon reboot -# Added by Alon "ChiefGyk" Ganon -cp conf/blocklist/sync-fail2ban /etc/cron.daily/sync-fail2ban -chmod a+x /etc/cron.daily/sync-fail2ban -time /etc/cron.daily/sync-fail2ban -echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections -echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections -apt_install iptables-persistent -iptables-save > /etc/iptables/rules.v4 -ip6tables-save > /etc/iptables/rules.v6