From 8348448448c56034b373e75ea6d7c32f028bfb50 Mon Sep 17 00:00:00 2001
From: Alfonso <vivancos@outlook.es>
Date: Sat, 11 Apr 2020 10:44:21 +0200
Subject: [PATCH] Update blocklist-update.sh
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Added statement to return if there's no matching ip. We should not accept non-matching ip; returning to keep beíng proccessed (ie fail2ban).
---
 blocklist-update.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/blocklist-update.sh b/blocklist-update.sh
index 2813fea..31a5fdb 100644
--- a/blocklist-update.sh
+++ b/blocklist-update.sh
@@ -97,6 +97,8 @@ then
 	# Create the one and only firewall rule
 	$IPTABLES_PATH -I $CHAINNAME -m set --match-set $CHAINNAME src -j $ACTION >>$MAILLOG 2>&1
 fi
+echo "Adding the return statement to the chain. We do not want to accept a non-matching ip; think about fail2ban" >>$MAILLOG
+$IPTABLES_PATH -A $CHAINNAME -j RETURN >>$MAILLOG 2>&1
 
 ## Read all IPs from the downloaded IP list and fill up the ipset filter set
 echo "" >>$MAILLOG