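#!/bin/bash
#
# Restrict inbound traffic to US and private address ranges.
#
# Builds the ipset "usa_state" from the ipdeny.com aggregated US zone file plus
# the private/loopback ranges, then ensures one INPUT rule drops every source
# address that is not in the set.
#
# Review notes:
#   - The zone file is fetched over plain HTTP and loaded with no integrity or
#     format check, so whoever can tamper with the response controls the
#     allowlist. Prefer HTTPS and a checksum if the provider offers them, and
#     validate that every line is a CIDR before loading. TODO confirm with the
#     provider what is available.
#   - The file is downloaded and split in the current working directory, while
#     the stale-file cleanup targets /tmp. Where add_ipset reads its chunks
#     from is not visible here -- TODO confirm and make the paths agree.
#   - Chunks left over from an earlier run (split's default x?? names) are not
#     removed, so a shorter download may leave stale chunks behind.

echo "###### WHITELIST USA ######"
whoami

# NOTE(review): the reason for the delay is not stated in the script;
# presumably it waits for the network to come up -- confirm.
echo "Waiting 2 minutes"
sleep 120

echo "Creating ipset table"
sudo ipset -N usa_state hash:net -exist
create_status=$?
echo "$create_status"
if [ "$create_status" -ne 0 ]; then
  # Without the set the DROP rule below cannot be installed meaningfully.
  echo "Could not create ipset usa_state, aborting" >&2
  exit 1
fi

if [ -f "/tmp/us-aggregated.zone" ]; then
  sudo rm -- /tmp/us-aggregated.zone
  echo "Removing old ip list"
fi

sudo wget http://ipdeny.com/ipblocks/data/aggregated/us-aggregated.zone -O us-aggregated.zone
download_status=$?

# Stop before touching the set or the firewall when there is no usable list.
# Continuing would leave only the private ranges in the set, and the DROP rule
# would then cut off every other source address.
if [ "$download_status" -ne 0 ] || [ ! -s us-aggregated.zone ]; then
  echo "Download Failed: $download_status" >&2
  exit 1
fi
echo "Download Finished!"

# Flush only after a successful download: a DROP rule from an earlier run may
# still be active, and an emptied set would make it drop all inbound traffic.
# NOTE(review): the set is still incomplete while it is being refilled; filling
# a second set and exchanging it with `ipset swap` would close that window, but
# needs add_ipset (not visible here) to target the temporary set.
sudo ipset -F usa_state
echo $?

echo "Adding Networks to ipset ..."
# Private and loopback ranges stay reachable regardless of the country list.
sudo ipset -A usa_state 192.168.0.0/16
sudo ipset -A usa_state 127.0.0.0/8
sudo ipset -A usa_state 10.0.0.0/8
sudo ipset -A usa_state 172.16.0.0/12

# The US networks are loaded by the add_ipset workers below instead of a
# sequential loop over the zone file.

# Split the list into 6250-line chunks for the workers.
split -l 6250 us-aggregated.zone

# Run the workers in parallel, one per chunk suffix.
/home/brickman/scripts/block_ips/add_ipset a &
/home/brickman/scripts/block_ips/add_ipset b &
/home/brickman/scripts/block_ips/add_ipset c &
/home/brickman/scripts/block_ips/add_ipset d &
# NOTE(review): "c" is passed a second time here; this looks like a typo for
# "e", which would leave a fifth chunk unloaded and its networks blocked.
# Confirm against add_ipset and the number of chunks split produces.
/home/brickman/scripts/block_ips/add_ipset c &

# Install the DROP rule only after every worker has finished filling the set.
wait

echo "Whitelisting USA with iptables..."
# Append the rule only when it is not already present, so repeated runs do not
# stack identical DROP rules in the INPUT chain.
drop_rule=(INPUT -m set ! --match-set usa_state src -j DROP)
if sudo iptables -C "${drop_rule[@]}" 2>/dev/null; then
  echo "DROP rule already present"
  rule_status=0
else
  sudo iptables -A "${drop_rule[@]}"
  rule_status=$?
fi
echo "$rule_status"
echo "Done"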