@jhochwald
Created January 25, 2017 07:49
Cron to update the IPTables Blocker
#!/usr/bin/env bash
# Cron to update the IPTables Blocker
# Needs some further tweaks and improvements
# Define some defaults
IPTABLES='/sbin/iptables'
# Work in a private temp directory instead of predictable file names in /tmp
WORKDIR="$(/bin/mktemp -d)" || exit 1
BLOCKLIST="$WORKDIR/enatec_blocked.txt"
# Remove the temp directory however the script ends
trap '/bin/rm -rf "$WORKDIR"' EXIT
# Get the latest List (-f: do not store an HTTP error page as if it were a list)
/bin/nice -n20 /bin/curl -sf --compressed http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt -o "$WORKDIR/emerging-Block-IPs.txt"
/bin/nice -n20 /bin/curl -sf --compressed https://www.blocklist.de/downloads/export-ips_ssh.txt -o "$WORKDIR/export-ips_ssh.txt"
/bin/nice -n20 /bin/curl -sf --compressed https://www.blocklist.de/downloads/export-ips_postfix.txt -o "$WORKDIR/export-ips_postfix.txt"
# Merge them (a feed that failed to download is simply missing here)
/bin/cat "$WORKDIR/emerging-Block-IPs.txt" "$WORKDIR/export-ips_ssh.txt" "$WORKDIR/export-ips_postfix.txt" 2>/dev/null > "$WORKDIR/enatec_blocked_temp.txt"
# Create the long (big) list: keep only lines that start with an IPv4 address, drop comments and duplicates
/bin/nice -n20 /bin/egrep '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' "$WORKDIR/enatec_blocked_temp.txt" | /bin/sort -u > "$BLOCKLIST"
# Never replace the active chain with an empty list (for example when all downloads failed)
if [ ! -s "$BLOCKLIST" ]; then
    echo "blocklist update: no addresses fetched, keeping the current rules" >&2
    exit 1
fi
# Taken from http://rules.emergingthreats.net/fwrules/emerging-IPTABLES-ALL.rules
# Create the chain on the first run only, then flush it so old entries do not pile up on every cron run
$IPTABLES -N ETBLOCKLIST 2>/dev/null
$IPTABLES -F ETBLOCKLIST
# Insert the jump rules only if they are not already there (-C checks for an existing rule)
$IPTABLES -C FORWARD -j ETBLOCKLIST 2>/dev/null || $IPTABLES -I FORWARD 1 -j ETBLOCKLIST
$IPTABLES -C INPUT -j ETBLOCKLIST 2>/dev/null || $IPTABLES -I INPUT 1 -j ETBLOCKLIST
# LOGNDROP is static: build it once, when the chain is first created
if $IPTABLES -N LOGNDROP 2>/dev/null; then
    $IPTABLES -A LOGNDROP -j LOG --log-level INFO --log-prefix "ET BLOCK: "
    $IPTABLES -A LOGNDROP -j DROP
fi
# Now fire it up
while read -r line
do
    Badguy="$line"
    $IPTABLES -A ETBLOCKLIST -p ALL --src "$Badguy" -j LOGNDROP
done < "$BLOCKLIST"
# Cleanup is done by the EXIT trap
# Done
movalex commented Apr 17, 2018

Looks like it takes forever to generate all iptables rules from such a big list. Maybe it would be more convenient to install iptables-persistent package and generate /etc/iptables/rules.v4 file from this script?
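Added example, not code from the gist or from movalex's comment: it takes the merged feed the script builds, validates each entry strictly (the gist's `^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+` grep accepts octets above 255, bad CIDR prefixes and trailing text, which would then land in an `iptables` argument), and writes the two chains as an `iptables-restore` fragment so the whole list is loaded in one transaction instead of one `iptables` process per address, which is what the comment above is asking for. Chain names are the gist's own; the feed lines are constructed sample data, and the output path is whatever the caller passes in.

```bash
#!/usr/bin/env bash
# Added example (not part of the gist): validate a merged blocklist and turn it
# into an iptables-restore fragment for the ETBLOCKLIST / LOGNDROP chains.

# Read raw feed lines on stdin; print only well-formed IPv4 addresses or
# IPv4/CIDR networks, one per line, sorted and de-duplicated.
# Strips CRLF, blank lines, '#' comments and trailing text, and rejects
# octets above 255 or prefixes above 32.
normalize_blocklist() {
    tr -d '\r' | sed -e 's/#.*$//' -e 's/[[:space:]]*$//' -e 's/^[[:space:]]*//' |
    awk '
        function octet_ok(o) { return (o ~ /^[0-9]+$/ && o + 0 <= 255) }
        NF == 0 { next }
        {
            n = split($1, parts, "/")
            if (n > 2) next
            if (n == 2 && (parts[2] !~ /^[0-9]+$/ || parts[2] + 0 > 32)) next
            if (split(parts[1], oct, ".") != 4) next
            for (i = 1; i <= 4; i++) if (!octet_ok(oct[i])) next
            print $1
        }' | sort -u
}

# Write an iptables-restore fragment for the filter table containing the two
# chains the gist builds, fully populated, ending with COMMIT so the load is
# applied as one transaction. The INPUT/FORWARD jump rules are deliberately not
# in the file: they are installed once, not re-added on every update.
# Usage: build_restore_file <validated blocklist> <output file>
build_restore_file() {
    list="$1"
    out="$2"
    {
        printf '%s\n' '*filter'
        printf '%s\n' ':ETBLOCKLIST - [0:0]'
        printf '%s\n' ':LOGNDROP - [0:0]'
        while read -r net; do
            printf '%s\n' "-A ETBLOCKLIST -s $net -j LOGNDROP"
        done < "$list"
        printf '%s\n' '-A LOGNDROP -j LOG --log-level INFO --log-prefix "ET BLOCK: "'
        printf '%s\n' '-A LOGNDROP -j DROP'
        printf '%s\n' 'COMMIT'
    } > "$out"
}

# Constructed sample feed (not real feed data): CRLF line endings, a comment
# header, a CIDR network, a duplicate, a trailing comment and three malformed
# entries that a loose grep would let through.
SAMPLE_FEED=$(printf '%s\r\n' \
    '# Emerging Threats style header' \
    '198.51.100.7' \
    '203.0.113.0/24' \
    '198.51.100.7' \
    '192.0.2.300' \
    '192.0.2.9/40' \
    '192.0.2.1 # trailing comment' \
    'not-an-ip')

# Demo run: validate the sample, build the fragment, show it, clean up.
tmp_list=$(mktemp)
tmp_rules=$(mktemp)
printf '%s\n' "$SAMPLE_FEED" | normalize_blocklist > "$tmp_list"
build_restore_file "$tmp_list" "$tmp_rules"
cat "$tmp_rules"
rm -f "$tmp_list" "$tmp_rules"
```

The fragment is meant for `iptables-restore --noflush` (`-n`): with that flag the chains named in the file are created or flushed and refilled in one transaction while the rest of the ruleset is left alone, which removes both the per-address process cost and the window in which the chain is half-populated. If the file is instead merged into `/etc/iptables/rules.v4` for iptables-persistent, it has to be regenerated there on every feed update. One caveat that no loading method fixes: a chain of thousands of `-s` rules is still matched linearly per packet, so for lists of this size an `ipset` hash set referenced from a single rule is the usual next step.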
