ip_block/whitelist_us

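#!/bin/bash
# Restrict inbound IPv4 traffic to US address space plus private/loopback
# ranges: downloads the aggregated US zone list, loads it into the ipset
# "usa_state" and installs an INPUT rule that drops every source not in the set.
#
# Security notes for whoever maintains this:
#  - The downloaded list decides who can reach this host, so it is treated as
#    untrusted input: it is fetched over HTTPS, without root, into a private
#    temp file and must consist only of IPv4 CIDR lines before it is used.
#  - Nothing in the firewall is touched until download and validation succeed;
#    a failed download used to leave a flushed set behind the DROP rule.
#  - The zone file and the split chunks live in the current directory with
#    predictable names. Run this from a directory only this user can write
#    (not /tmp) so nobody else can pre-create or swap those files.
#  - If the DROP rule from an earlier run is still loaded, traffic from
#    non-private sources is dropped between the flush and the end of the
#    reload. Building a second set and using `ipset swap` would avoid that,
#    but needs add_ipset (not shown here) to accept a set name.
#  - iptables covers IPv4 only; IPv6 needs its own policy.
set -u

readonly SET_NAME="usa_state"
readonly ZONE_FILE="us-aggregated.zone"
# Overridable for mirrors/testing; the default uses TLS instead of plain HTTP.
readonly ZONE_URL="${ZONE_URL:-https://www.ipdeny.com/ipblocks/data/aggregated/us-aggregated.zone}"
readonly ADD_IPSET="/home/brickman/scripts/block_ips/add_ipset"
readonly CHUNK_LINES=6250
readonly WORKER_SUFFIXES="a b c d e"
readonly WORKER_COUNT=5
readonly CIDR_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

echo "###### WHITELIST USA ######"
whoami
echo "Waiting 2 minutes"
sleep 120

# --- Download and validate before changing any firewall state ---------------
tmp_zone=$(mktemp) || die "mktemp failed"
trap 'rm -f -- "$tmp_zone"' EXIT

wget "$ZONE_URL" -O "$tmp_zone"
rc=$?
if [ "$rc" -eq 0 ]; then
  echo "Download Finished!"
else
  # Report wget's own status (the old message printed the status of the test).
  die "Download Failed: $rc"
fi

[ -s "$tmp_zone" ] || die "Downloaded zone list is empty; firewall left unchanged"
# Any line that is not a plain IPv4 CIDR means the file is not what we expect
# (error page, truncated transfer, tampering) - refuse to load it.
if grep -Evq -- "$CIDR_RE" "$tmp_zone"; then
  die "Zone list contains lines that are not IPv4 CIDR; firewall left unchanged"
fi

total_lines=$(wc -l < "$tmp_zone")
if [ "$total_lines" -gt $((CHUNK_LINES * WORKER_COUNT)) ]; then
  echo "Warning: $total_lines networks exceed $WORKER_COUNT chunks of $CHUNK_LINES; some will not be loaded" >&2
fi

# Replace the previous copy (possibly root-owned from older runs) and stale
# split chunks, so only freshly validated data is picked up by the workers.
if [ -e "$ZONE_FILE" ]; then
  sudo rm -f -- "$ZONE_FILE"
  echo "Removing old ip list"
fi
sudo rm -f -- ./xa[a-z]
cp -- "$tmp_zone" "$ZONE_FILE" || die "Cannot write $ZONE_FILE in $(pwd)"

# --- Rebuild the set ---------------------------------------------------------
echo "Creating ipset table"
sudo ipset -N "$SET_NAME" hash:net -exist
rc=$?
echo "$rc"
[ "$rc" -eq 0 ] || die "Cannot create ipset $SET_NAME"
sudo ipset -F "$SET_NAME"
echo $?

echo "Adding Networks to ipset ..."
# add local networks
sudo ipset -A "$SET_NAME" 192.168.0.0/16
sudo ipset -A "$SET_NAME" 127.0.0.0/8
sudo ipset -A "$SET_NAME" 10.0.0.0/8
sudo ipset -A "$SET_NAME" 172.16.0.0/12

# Split File
split -l "$CHUNK_LINES" "$ZONE_FILE" || die "split failed"

# Run Threads
# NOTE(review): the last worker used to be started with "c" a second time,
# which looks like a typo for "e" - confirm against add_ipset, whose mapping
# from this argument to a chunk file is not visible here.
pids=()
for suffix in $WORKER_SUFFIXES; do
  "$ADD_IPSET" "$suffix" &
  pids+=("$!")
done
for pid in "${pids[@]}"; do
  # Surface worker failures instead of discarding them with a bare `wait`.
  wait "$pid" || echo "Warning: add_ipset worker $pid exited non-zero" >&2
done

echo "Whitelisting USA with iptables..."
# Only append the rule when it is not already present; appending on every run
# piles up duplicate DROP rules in INPUT.
if sudo iptables -C INPUT -m set ! --match-set "$SET_NAME" src -j DROP 2>/dev/null; then
  echo "DROP rule already present"
else
  sudo iptables -A INPUT -m set ! --match-set "$SET_NAME" src -j DROP
  echo $?
fi
echo "Done"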