Add 'config/Fail2Ban/fail2ban-generate-blocklist.sh'
This commit is contained in:
bprieshof
30
config/Fail2Ban/fail2ban-generate-blocklist.sh
Normal file
30
config/Fail2Ban/fail2ban-generate-blocklist.sh
Normal file
@@ -0,0 +1,30 @@
|
||||
#!/bin/bash
|
||||
# Purpose: Block all traffic from conrtys in ISO var. Use ISO code.
|
||||
# -------------------------------------------------------------------------------
|
||||
|
||||
### Setting VAR's ###
|
||||
ISO="AF AL DZ AD AO AG AR BH BD BJ BT BV BN BF BI CV KH CM CF TD CN KM CD CG CI CY CZ DJ DM DO SV GQ ER SZ ET FJ GA GM GH GL GD GN GW GY HT VA HK IS IN ID IR IQ IL JM JP JO KZ KE KI KP KR KW KG LA LB LS LR LY MO MK MW MY MV ML MR MU MX FM MN MS MZ MM NA NR NP NI NE OM PK PW PS PG PH PR QA RU RW BL KN LC VC WS ST SA SN SC SL SG SK SI SB SO ZA SS LK SD SY TW TJ TZ TH TL TG TO TT TN TR TM TV UG AE UY UZ VU VE VN EH YE ZM ZW"
|
||||
|
||||
WGET=/usr/bin/wget
|
||||
EGREP=/bin/egrep
|
||||
SPAMLIST="countrydrop"
|
||||
ZONEROOT="/opt/blockfiles"
|
||||
DLROOT="http://www.ipdeny.com/ipblocks/data/countries"
|
||||
|
||||
#running script
|
||||
rm /etc/nginx/blockips.conf
|
||||
[ ! -d $ZONEROOT ] && /bin/mkdir -p $ZONEROOT
|
||||
|
||||
for c in $ISO
|
||||
do
|
||||
tDB=$ZONEROOT/$c.zone
|
||||
$WGET -O $tDB $DLROOT/$c.zone
|
||||
BADIPS=$(egrep -v "^#|^$" $tDB)
|
||||
|
||||
for ipblock in $BADIPS
|
||||
do
|
||||
echo "deny $ipblock" >> /etc/nginx/blockips.conf
|
||||
done
|
||||
|
||||
done
|
||||
exit 0
|
||||
Reference in New Issue
Block a user