diff --git a/blocklist.sh b/blocklist.sh
index 5fa5518..ddf5b18 100644
--- a/blocklist.sh
+++ b/blocklist.sh
@@ -16,8 +16,10 @@ if [ -f $SORT_PATH ]; then echo "sort OK"; else echo "Cannot find [ sort ]. Is i
 if [ ! -f $GREP_PATH ]; then echo "Cannot find [ grep ]. Is it installed? Exiting"; exit 1; fi;
 echo "Downloading the most recent IP list from $BLOCKLISTDE ... and adding them to ipset blocklistde"
+ipset create blocklistde hash:ip
 curl -s https://lists.blocklist.de/lists/all.txt | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" | xargs -L1 ipset add blocklistde
 echo "Downloading the most recent IP list from $BLOCKLISTDE ... and adding them to ipset crawlers"
+ipset create crawler_bots hash:ip
 curl -s https://isc.sans.edu/api/threatcategory/research?json | jq '.[] | {ipv4}' | grep ':' | awk '{ print $2 }' | tr -d '"' | xargs -L1 ipset add crawler_bots
 echo "Adding the iptables rules..."
 iptables -I INPUT -m set --match-set crawler_bots src -j DROP
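Review bot: The two added `ipset create` lines will fail on every run after the first, because ipset refuses to create a set whose name already exists, and nothing visible in the hunk checks the result. Making them idempotent with `ipset create -exist blocklistde hash:ip` and `ipset create -exist crawler_bots hash:ip` keeps repeated runs clean. If the script is meant to refresh the lists, following each create with `ipset flush blocklistde` / `ipset flush crawler_bots` (or filling a temporary set and using `ipset swap`) would also drop addresses that have since been delisted, which otherwise stay blocked indefinitely. The script continues outside the hunk, so whether a later step already handles either case cannot be seen here.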