Home Esplora Aiuto
Accedi
deadtom
/
Firewall_Scripts
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): master
Rami (Branch) Tag
Firewall_Script...
/
quietcinsarmy.sh

quietcinsarmy.sh 2.0 KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. #!/bin/bash
    2. 

  2. 

  3. BADGUYS_FILE=""  # The location (full path) where you want to download the list
    4. 

  4. CHAIN_NAME="CINSARMY_IPS"  # The firewall chain to hold the cinsarmy rules
    5. 

  5. FIREWALL="/sbin/iptables"  # The path to iptables
    6. 

  6. ETH=""  # The name of the ethernet port you'd like to apply these rules to. Example: eth1
    7. 

  7. BLOCKMODE=""  # If you want these rules to apply to just this machine, this should be "INPUT".
    8. 

  8.               # If you want these rules to apply to a network behind this machine, this should be "FORWARD".
    9. 

  9. 

  10. # echo "Downloading the cinsarmy bad guys list of IPs."
    11. 

  11. 

  12. wget -c https://cinsscore.com/list/ci-badguys.txt -q -O $BADGUYS_FILE
    13. 

  13. 

  14. # Check if the file exists
    15. 

  15. if [[ ! -f "$BADGUYS_FILE" ]]; then
    16. 

  16.     echo "File not found: $BADGUYS_FILE"
    17. 

  17.     exit 1
    18. 

  18. fi
    19. 

  19. 

  20. # echo "Making sure the file downloaded..."
    21. 

  21. 

  22. # Check if the chain exists, and creates it if it's not there
    23. 

  23. if $FIREWALL -L $CHAIN_NAME -n &> /dev/null; then
    24. 

  24.     # echo "Chain $CHAIN_NAME already exists."
    25. 

  25.     $FIREWALL -F $CHAIN_NAME
    26. 

  26. else
    27. 

  27.     # echo "Creating chain $CHAIN_NAME."
    28. 

  28.     $FIREWALL -N $CHAIN_NAME
    29. 

  29. 	# Jump to the our chain from the FORWARD CHAIN
    30. 

  30. 	$FIREWALL -A $BLOCKMODE -j $CHAIN_NAME
    31. 

  31. fi
    32. 

  32. 

  33. # echo "Processing the updated bad guys list. This might take a while..."
    34. 

  34. 

  35. # Read each line (IP address) from the file and block it
    36. 

  36. while IFS= read -r ip; do
    37. 

  37.     # Check if the line is not empty
    38. 

  38.     if [[ -n "$ip" ]]; then
    39. 

  39.         # Block the IP address using $FIREWALL
    40. 

  40.         $FIREWALL -A $CHAIN_NAME -i $ETH -s "$ip" -j DROP
    41. 

  41.         # echo "Blocked IP: $ip"
    42. 

  42.     fi
    43. 

  43. done < "$BADGUYS_FILE"
    44. 

  44. 

  45. # Delete the bad guys file
    46. 

  46. rm $BADGUYS_FILE
    47. 

  47. 

  48. # echo "Bad guys list has been processed, and deleted."
    49. 

  49. 

  50. # echo "Checking for return rule at the end of our chain."
    51. 

  51. 

  52. # Check if the rule already exists
    53. 

  53. 

  54. RETURNRULE="-A $CHAIN_NAME -p tcp -j RETURN"
    55. 

  55. 

  56. if $FIREWALL -L $CHAIN_NAME -n | grep -q "tcp" && $FIREWALL -L $CHAIN_NAME -n | grep -q "RETURN"; then
    57. 

  57.     # echo "Rule already exists: $RETURNRULE"
    58. 

  58.     :
    59. 

  59. else
    60. 

  60.     # Add the rule if it doesn't exist
    61. 

  61.     $FIREWALL $RETURNRULE
    62. 

  62.     # echo "Rule added: $RETURNRULE"
    63. 

  63. fi
    64. 

  64. 

  65. echo "Done."
    66. 

  66.