-
-
Save anonymous/7415239 to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| #Copyright 11.11.13 Michell Gailing <[email protected]> | |
| #It's Licensed under DWWWI 'Do whatever you want with it!' | |
| wget http://www.okean.com/chinacidr.txt | |
| sed -i '1,4d' chinacidr.txt | |
| sed -i 's/ China//g' chinacidr.txt | |
| ipset create china hash:net | |
| while read line; do ipset add china ; done < chinacidr.txt | |
| iptables -I INPUT -m set --match-set china src -j DROP | |
| rm chinacidr.txt |
Script complains about 2nd mandatory argument for ipset :(
I've tried with something like :
for ip in $(cat chinacidr.txt); do ipset add china $ip; done;
But then I check iptables and I just find :
iptables -v -L -n | grep china
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set china src
Which, as I do not yet know ipset, I am not sure if it is right
Oh pardon i forgot the $line variable
and i get the chinacidr.txt from http://www.okean.com/chinacidr.txt
you can get the working code at https://gist.github.com/Kruemmelmonster/8304729
Currently I have iptables and ajenti installed to manage my server.
ipset seams not to be installed. Will it be enough to just install ipset to make iptables work with ipset ?
Cheers
Hi ! May I ask you how do you obtain chinacidr.txt ? Just to check its reliability. I am currently interested in drop by country but I do not want to fail dropping some of my allowed users :)