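#!/bin/bash
##
## Add the top 20 IP blocks that have been reported by DShield
##
## /etc/cron.daily/dshield
##
## Author: Alon "ChiefGyk" Ganon
## https://alonganon.info
## alon@ganon.me
##
## Flow: fetch the DShield block list, add one DROP rule per listed address
## to the `dshield` chain, remove the rules for addresses that dropped off
## the list since the previous run, then persist the ruleset.  Runs as root
## (iptables), so everything it reads back from disk is trusted input.

# State directory.  Previously this was /tmp with `umask 000`: world-writable
# files that root later reads back and passes to iptables let any local user
# inject or remove block rules and, via symlinks, clobber arbitrary files.
# Keep the state in a root-owned directory with a conservative umask instead.
datadir=/var/lib/dshield
umask 022
mkdir -p -- "$datadir" || { echo "dshield: cannot create $datadir" >&2; exit 1; }

## Get default settings of fail2ban (optional?)
[ -r /etc/default/fail2ban ] && . /etc/default/fail2ban

blacklistf=$datadir/dshield.txt
badlisturls="http://feeds.dshield.org/block.txt"
# NOTE(review): the list is fetched over plain HTTP, so its contents can be
# altered in transit by anyone on the path; prefer the https variant of the
# feed if it is offered.

# Exact rule spec used for every address.  Add and delete MUST use the same
# spec or `iptables -D` cannot find the rule (the original added with `-p tcp`
# and deleted without it, so stale rules were never removed).
rule_spec=(-p tcp -j DROP)

# Accept only a dotted-quad IPv4 address.  The feed is untrusted input that
# ends up on a root iptables command line; anything else is skipped.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# Create the chain if it doesn't exist. Harmless if it does.
# NOTE(review): nothing in this script inserts a jump from INPUT to dshield;
# the chain only has an effect if another part of the setup references it.
iptables -w -N dshield 2>/dev/null

# Fetch into a temporary file first.  If the download fails, keep the previous
# list and rules: the old pipeline wrote whatever curl produced (possibly
# nothing) straight over the list, and an empty list makes the removal step
# below unblock every address -- a fail-open on a network hiccup.
tmpf=$(mktemp "$datadir/dshield.XXXXXX") || exit 1
trap 'rm -f -- "$tmpf"' EXIT
if ! curl -fsS -o "$tmpf" "$badlisturls"; then
  echo "dshield: download of $badlisturls failed; keeping previous rules" >&2
  exit 1
fi
if [[ ! -s $tmpf ]]; then
  echo "dshield: downloaded list is empty; keeping previous rules" >&2
  exit 1
fi

# Rotate the previous list only once we know we have a usable new one.
[[ -e $blacklistf ]] && mv -f -- "$blacklistf" "$blacklistf.last"
# LC_ALL=C gives a locale-independent order so comm below sees consistently
# sorted inputs from run to run.
LC_ALL=C sort -u -- "$tmpf" > "$blacklistf" || exit 1

# Grab list(s) at http://feeds.dshield.org/block.txt . Block.
echo "Adding new blocks:"
# Only the first whitespace-separated field of each non-comment line is used.
# NOTE(review): block.txt is documented as tab-separated netblocks
# (start, end, mask, ...); if that holds for this feed, blocking
# "$start/$mask" would match the "IP blocks" intent better than a single
# host -- confirm the format before changing it.
while read -r ip _; do
  [[ $ip =~ $ipv4_re ]] || continue
  iptables -w -A dshield -s "$ip" "${rule_spec[@]}"
done < <(grep -v '^#\|:' "$blacklistf")

# Which listings had been removed since last time? Unblock.
echo "Removing old blocks:"
if [[ -r $blacklistf.last ]]; then
  # comm needs both inputs in the same sort order; both files come from
  # `LC_ALL=C sort -u` above, so do not re-sort (cannot use sort -rn here).
  LC_ALL=C comm -23 -- "$blacklistf.last" "$blacklistf" \
    | tee -- "$blacklistf.delisted" \
    | grep -v '^#\|:' \
    | while read -r ip _; do
        [[ $ip =~ $ipv4_re ]] || continue
        # Fall back to the LOGDROP target for rules installed that way.
        iptables -w -D dshield -s "$ip" "${rule_spec[@]}" \
          || iptables -wv -D dshield -s "$ip" -j LOGDROP
      done
fi

# prepare for next time.
[[ -r $blacklistf.last ]] && diff -wbay -- "$blacklistf.last" "$blacklistf" > "$blacklistf.diff"

# save IPtable rules
iptables-save > /etc/iptables.up.rules
exit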