mirror of
https://github.com/borekon/Blocklists.git
synced 2025-06-08 14:34:25 +02:00
Full path to iptables
parent
ddaead417f
commit
73ffeee0d1
|
@ -15,6 +15,7 @@ TO_DOWNLOAD[2]="http://lists.blocklist.de/lists/apache.txt"
|
||||||
CHAINNAME="blocklist-de"
|
CHAINNAME="blocklist-de"
|
||||||
ACTION="REJECT" # Can be DROP
|
ACTION="REJECT" # Can be DROP
|
||||||
PRINT_REPORT=1
|
PRINT_REPORT=1
|
||||||
|
IPTABLES_PATH="/sbin/iptables"
|
||||||
|
|
||||||
########## Do not edit anything below this line ##########
|
########## Do not edit anything below this line ##########
|
||||||
|
|
||||||
|
@ -50,14 +51,14 @@ amountAfterSortAndUnique=`cat $fileFiltered | wc -l`
|
||||||
#
|
#
|
||||||
## Create chain if it does not exist
|
## Create chain if it does not exist
|
||||||
#
|
#
|
||||||
iptables --new-chain $CHAINNAME >/dev/null 2>&1
|
$IPTABLES_PATH --new-chain $CHAINNAME >/dev/null 2>&1
|
||||||
|
|
||||||
# Insert rule (if necesarry) into INPUT chain so the chain above will also be used
|
# Insert rule (if necesarry) into INPUT chain so the chain above will also be used
|
||||||
if [ `iptables -L INPUT | grep $CHAINNAME | wc -l` -eq 0 ]
|
if [ `$IPTABLES_PATH -L INPUT | grep $CHAINNAME | wc -l` -eq 0 ]
|
||||||
then
|
then
|
||||||
|
|
||||||
# Insert rule because it is not present
|
# Insert rule because it is not present
|
||||||
iptables -I INPUT -j $CHAINNAME
|
$IPTABLES_PATH -I INPUT -j $CHAINNAME
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -68,7 +69,7 @@ while read currentIP
|
||||||
do
|
do
|
||||||
|
|
||||||
# Check via command
|
# Check via command
|
||||||
iptables -C $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
|
$IPTABLES_PATH -C $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
|
||||||
|
|
||||||
# Now we have to check the exit code of iptables via $?
|
# Now we have to check the exit code of iptables via $?
|
||||||
#
|
#
|
||||||
|
@ -79,7 +80,7 @@ do
|
||||||
then
|
then
|
||||||
|
|
||||||
# Append the IP
|
# Append the IP
|
||||||
iptables -A $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
|
$IPTABLES_PATH -A $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
|
||||||
|
|
||||||
# Increment the counter
|
# Increment the counter
|
||||||
amountInserted=$((amountInserted + 1))
|
amountInserted=$((amountInserted + 1))
|
||||||
|
@ -96,14 +97,14 @@ do
|
||||||
then
|
then
|
||||||
# Delete the rule by its rulenumber
|
# Delete the rule by its rulenumber
|
||||||
# Because changing the action would result in errors
|
# Because changing the action would result in errors
|
||||||
iptables -D $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
|
$IPTABLES_PATH -D $CHAINNAME -s $currentIP -j $ACTION >/dev/null 2>&1
|
||||||
|
|
||||||
# Increment the counter
|
# Increment the counter
|
||||||
amountDeleted=$((amountDeleted + 1))
|
amountDeleted=$((amountDeleted + 1))
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
done <<< "`iptables -n -L blocklist-de | awk '{print $4}'`"
|
done <<< "`$IPTABLES_PATH -n -L blocklist-de | awk '{print $4}'`"
|
||||||
|
|
||||||
## Print report
|
## Print report
|
||||||
if [ $PRINT_REPORT -eq 1 ]
|
if [ $PRINT_REPORT -eq 1 ]
|
||||||
|
|
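Review bot: Nothing checks that `IPTABLES_PATH` points at an executable, and every call through it discards its output with `>/dev/null 2>&1`, so on a host where iptables is installed elsewhere (for example only under /usr/sbin) the chain is never created and no address is blocked, with no error shown. As far as the append hunk shows, `amountInserted` is incremented right after the `-A` call without looking at its exit status, so the report would still count those rules as inserted. A guard directly after the configuration block would make this fail loudly: `[ -x "$IPTABLES_PATH" ] || { echo "iptables not found at $IPTABLES_PATH" >&2; exit 1; }`. Separately, the `done <<<` line still lists the literal chain `blocklist-de` instead of `"$CHAINNAME"`, so the removal loop reads the wrong chain once CHAINNAME is changed. Both loops start outside the hunks shown, so the exit-status handling between the `-C` check and the append is not visible here.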