Initial commit

cinsarmy.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+
+BADGUYS_FILE="/root/ci-badguys.txt"
+CHAIN_NAME="CINSARMY_IPS"
+FIREWALL="/sbin/iptables"
+ETH="eth1"
+
+echo "Downloading the cinsarmy bad guys list of IPs."
+
+wget -c https://cinsscore.com/list/ci-badguys.txt -O $BADGUYS_FILE
+
+echo "Making sure it downloaded..."
+
+# Check if the file exists
+if [[ ! -f "$BADGUYS_FILE" ]]; then
+    echo "File not found: $BADGUYS_FILE"
+    exit 1
+fi
+
+# Check if the chain exists, and creates it if it's not there
+if $FIREWALL -L $CHAIN_NAME -n &> /dev/null; then
+    echo "Chain $CHAIN_NAME already exists."
+    $FIREWALL -F $CHAIN_NAME
+else
+    echo "Creating chain $CHAIN_NAME."
+    $FIREWALL -N $CHAIN_NAME
+    # Jump to our chain from the FORWARD chain
+    $FIREWALL -A FORWARD -j $CHAIN_NAME
+fi
+
+echo "Processing the updated bad guys list..."
+
+# Read each line (IP address) from the file and block it
+while IFS= read -r ip; do
+    # Check if the line is not empty
+    if [[ -n "$ip" ]]; then
+        # Block the IP address using $FIREWALL
+        $FIREWALL -A $CHAIN_NAME -i $ETH -s "$ip" -j DROP
+        # echo "Blocked IP: $ip"
+    fi
+done < "$BADGUYS_FILE"
+
+# Delete the bad guys file
+rm $BADGUYS_FILE
+
+echo "Bad guys list has been processed, and deleted."
+

quietcinsarmy.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+BADGUYS_FILE="/root/ci-badguys.txt"
+CHAIN_NAME="CINSARMY_IPS"
+FIREWALL="/sbin/iptables"
+ETH="eth1"
+
+# echo "Downloading the cinsarmy bad guys list of IPs."
+
+wget -c https://cinsscore.com/list/ci-badguys.txt -q -O $BADGUYS_FILE
+
+# Check if the file exists
+if [[ ! -f "$BADGUYS_FILE" ]]; then
+    echo "File not found: $BADGUYS_FILE"
+    exit 1
+fi
+
+# echo "Making sure the file downloaded..."
+
+# Check if the chain exists, and creates it if it's not there
+if $FIREWALL -L $CHAIN_NAME -n &> /dev/null; then
+    # echo "Chain $CHAIN_NAME already exists."
+    $FIREWALL -F $CHAIN_NAME
+else
+    # echo "Creating chain $CHAIN_NAME."
+    $FIREWALL -N $CHAIN_NAME
+fi
+
+# echo "Processing the bad guys list..."
+
+# Read each line (IP address) from the file and block it
+while IFS= read -r ip; do
+    # Check if the line is not empty
+    if [[ -n "$ip" ]]; then
+        # Block the IP address using $FIREWALL
+        $FIREWALL -A $CHAIN_NAME -i $ETH -s "$ip" -j DROP
+        # echo "Blocked IP: $ip"
+    fi
+done < "$BADGUYS_FILE"
+
+# Jump to the our chain from the FORWARD CHAIN
+$FIREWALL -A FORWARD -j $CHAIN_NAME
+
+# Delete the bad guys file
+rm $BADGUYS_FILE
+
+# echo "Bad guys list has been processed, and deleted."
+

resetfirewall.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+#
+
+BADGUYS_FILE="/root/ci-badguys.txt"
+CHAIN_NAME="CINSARMY_IPS"
+FIREWALL="/sbin/iptables"
+ETH="eth1"
+
+echo "Clearing firewall."
+$FIREWALL -P INPUT ACCEPT
+$FIREWALL -P FORWARD ACCEPT
+$FIREWALL -P OUTPUT ACCEPT
+$FIREWALL -t nat -F
+$FIREWALL -t mangle -F
+$FIREWALL -F
+$FIREWALL -X
+echo "Restoring firewall from iptables.rules."
+/sbin/iptables-restore < /etc/iptables.rules
+echo "Restoring fail2ban rules."
+sudo systemctl restart fail2ban
+echo "Downloading cinsarmy IP list..."
+
+wget -c https://cinsscore.com/list/ci-badguys.txt -O $BADGUYS_FILE
+
+echo "Making sure it downloaded."
+
+# Check if the file exists
+if [[ ! -f "$BADGUYS_FILE" ]]; then
+    echo "File not found: $BADGUYS_FILE"
+    exit 1
+fi
+
+echo "Processing the list..."
+
+# Check if the chain exists, and creates it if it's not there
+if $FIREWALL -L $CHAIN_NAME -n &> /dev/null; then
+    echo "Chain $CHAIN_NAME already exists."
+    $FIREWALL -F $CHAIN_NAME
+else
+    echo "Creating chain $CHAIN_NAME."
+    $FIREWALL -N $CHAIN_NAME
+fi
+
+# Read each line (IP address) from the file and block it
+while IFS= read -r ip; do
+    # Check if the line is not empty
+    if [[ -n "$ip" ]]; then
+        # Block the IP address using iptables
+        $FIREWALL -A $CHAIN_NAME -i $ETH -s "$ip" -j DROP
+        # echo "Blocked IP: $ip"
+    fi
+done < "$BADGUYS_FILE"
+
+# Jump to the our chain from the FORWARD CHAIN
+$FIREWALL -A FORWARD -j $CHAIN_NAME
+
+# Delete the bad guys file
+rm $BADGUYS_FILE
+
+echo "Bad guys list has been processed, and deleted."