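#!/bin/bash
#
# Allowlist inbound traffic by source network: fills the ipset "usa_state"
# with private/loopback ranges plus the ipdeny.com US aggregated zone, then
# ensures an iptables INPUT rule drops every source that is not in the set.
#
# Side effects: sleeps two minutes, downloads the zone file into the current
# directory, writes split(1) chunks (xaa, xab, ...) there, and changes ipset
# and iptables state through sudo.
#
# Exit status: 0 on completion; 1 if the list cannot be downloaded, fails
# validation, or cannot be split, or if the set cannot be created.

readonly SET_NAME="usa_state"
# NOTE(review): the list is fetched over plain HTTP with no signature or
# checksum, and its content decides who may reach this host. Anyone on the
# network path can alter it. Use an authenticated transport if the provider
# offers one; the format check below only rejects malformed content.
readonly ZONE_URL="http://ipdeny.com/ipblocks/data/aggregated/us-aggregated.zone"
readonly ZONE_FILE="us-aggregated.zone"
readonly ADD_IPSET="/home/brickman/scripts/block_ips/add_ipset"
readonly CIDR_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'

# Print a message on stderr and stop with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

echo "###### WHITELIST USA ######"
whoami
echo "Waiting 2 minutes"
sleep 120

if [ -f "/tmp/us-aggregated.zone" ]; then
  sudo rm /tmp/us-aggregated.zone
  echo "Removing old ip list"
fi

# Download and validate BEFORE touching the live set: a failed or tampered
# download must not leave an emptied set behind a DROP rule, which would cut
# off every source outside the private ranges.
sudo wget "$ZONE_URL" -O "$ZONE_FILE"
rc=$?
if [ "$rc" -eq 0 ]; then
  echo "Download Finished!"
else
  # Report wget's own status; reading $? here would give the test's status.
  die "Download Failed: $rc"
fi

# Treat the downloaded file as untrusted input: it must be non-empty and
# every line must look like an IPv4 address or CIDR block.
[ -s "$ZONE_FILE" ] || die "Downloaded list is empty: $ZONE_FILE"
if grep -Evq -- "$CIDR_RE" "$ZONE_FILE"; then
  die "Downloaded list contains lines that are not IPv4 networks: $ZONE_FILE"
fi

echo "Creating ipset table"
sudo ipset -N "$SET_NAME" hash:net -exist || die "Cannot create ipset $SET_NAME"
echo $?
# NOTE(review): if the DROP rule from an earlier run is still installed, the
# set is incomplete from this flush until the helpers finish reloading it.
sudo ipset -F "$SET_NAME"
echo $?

echo "Adding Networks to ipset ..."
# Private and loopback ranges stay reachable whatever the downloaded list says.
for net in 192.168.0.0/16 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12; do
  sudo ipset -A "$SET_NAME" "$net"
done

# The list is loaded in parallel by a helper instead of a sequential loop.
# Split it into 6250-line chunks named xaa, xab, ... in the current directory.
# NOTE(review): chunks left over from an earlier, longer list are not removed
# here, and only five chunks (31250 lines) are loaded below.
split -l 6250 "$ZONE_FILE" || die "Cannot split $ZONE_FILE"

# One helper per chunk. The original started "c" twice and never "e"; that is
# assumed to be a typo. NOTE(review): the helper is not shown here - confirm
# how it maps its argument to a chunk file and which set it fills.
pids=()
for chunk in a b c d e; do
  "$ADD_IPSET" "$chunk" &
  pids+=("$!")
done

# Collect each helper's status; a bare `wait` would hide failures.
failed=0
for pid in "${pids[@]}"; do
  wait "$pid" || failed=$((failed + 1))
done
if [ "$failed" -gt 0 ]; then
  echo "Warning: $failed add_ipset helper(s) failed; the set may be incomplete" >&2
fi

echo "Whitelisting USA with iptables..."
# Append the rule only when it is missing, so repeated runs do not stack
# duplicate DROP rules in the INPUT chain.
if sudo iptables -C INPUT -m set ! --match-set "$SET_NAME" src -j DROP 2>/dev/null; then
  echo "DROP rule already present"
else
  sudo iptables -A INPUT -m set ! --match-set "$SET_NAME" src -j DROP
  echo $?
fi
echo "Done"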