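#!/bin/bash
#
# bloker - manage an ipset-backed iptables blocklist (set name: ads1).
#
# Usage: bloker rehash|load|unload
#   rehash  download the Bluetack lists, convert them with pg2ipse, restore
#           the resulting set with ipset and add the iptables rules
#   load    restore a saved set from ~/config/BLOCK and add the iptables rules
#   unload  delete the iptables rules (the set itself is left alone)
#
# Trust notes for whoever maintains this:
#   * The lists are fetched over plain HTTP with no signature or checksum, and
#     their converted content is handed to `sudo ipset -R`. Anyone able to
#     alter the transfer decides what this host drops or rejects. Prefer an
#     authenticated source, or pin and verify checksums, before relying on it.
#   * ~/config/BLOCK is restored as root without any filtering; keep it
#     writable by its owner only.
#   * `--set` and `ipset -R` are the legacy spellings this script has always
#     used; newer releases spell them `--match-set` and `ipset restore`.
#     NOTE(review): confirm against the installed versions before switching.
#
# No `set -e`: unload must keep going when a rule is already gone. Steps whose
# failure matters are checked explicitly instead.

set -x

readonly SET_NAME="ads1"
# Kept at its historical location so the generated ADS file stays where it
# always was; the directory is vetted before use (see prepare_work_dir).
readonly WORK_DIR="/dev/shm/create_list"
readonly LIST_URL="http://www.bluetack.co.uk/config"
SAVED_SET=~/config/BLOCK
readonly SAVED_SET

# Lists to fetch. Full catalogue noted by the original author:
#ALL ads-trackers-and-bad-pr0n dshield   ipset_rules  level2 spyware  templist
#badpeers bogon  hijacked  level1(AVOID)  Microsoft  spider
readonly -a LISTS=(ads-trackers-and-bad-pr0n hijacked badpeers Microsoft bogon)

# Print a message to stderr and abort.
die() {
  printf 'bloker: %s\n' "$*" >&2
  exit 1
}

usage() {
  printf 'Usage: %s rehash|load|unload\n' "${0##*/}" >&2
}

#######################################
# Add or delete the four blocklist rules.
# Arguments: $1 - iptables operation, -A (append) or -D (delete)
# With -A, a rule that `iptables -C` reports as present is skipped, so running
# load/rehash twice no longer stacks duplicates that a single unload cannot
# remove. If -C is unsupported it fails and the rule is appended as before.
#######################################
apply_rules() {
  local op=$1
  local spec chain dir target
  for spec in "INPUT src DROP" "FORWARD src DROP" \
              "FORWARD dst REJECT" "OUTPUT dst REJECT"; do
    read -r chain dir target <<<"$spec"
    if [[ "$op" == "-A" ]] \
      && sudo iptables -C "$chain" -m set --set "$SET_NAME" "$dir" -j "$target" 2>/dev/null; then
      continue
    fi
    sudo iptables "$op" "$chain" -m set --set "$SET_NAME" "$dir" -j "$target"
  done
}

#######################################
# Create and enter the working directory.
# /dev/shm is world-writable, so a directory with this fixed name may have
# been created by someone else; anything found there would end up in the
# firewall via sudo. Refuse a symlink or a directory owned by another user.
#######################################
prepare_work_dir() {
  mkdir -p -m 700 -- "$WORK_DIR" || die "cannot create $WORK_DIR"
  if [[ -L "$WORK_DIR" || ! -O "$WORK_DIR" ]]; then
    die "$WORK_DIR is a symlink or not owned by the current user; refusing to use it"
  fi
  chmod 700 -- "$WORK_DIR" || die "cannot restrict permissions on $WORK_DIR"
  # Without this check a failed cd would leave the downloads and the gunzip
  # step operating on whatever directory the script was started from.
  cd -- "$WORK_DIR" || die "cannot cd to $WORK_DIR"
}

#######################################
# Download every list in LISTS into the current directory.
# -O overwrites the previous copy; without it wget saves a re-download as
# NAME.gz.1 and the stale NAME.gz would be the one that gets processed.
#######################################
fetch_lists() {
  local list
  for list in "${LISTS[@]}"; do
    wget -O "${list}.gz" "${LIST_URL}/${list}.gz" \
      || die "download of ${list}.gz failed; firewall left untouched"
  done
}

#######################################
# Convert the downloaded lists into the ipset restore file ADS.
# Only the archives named in LISTS are read (not *.gz), in list order.
# Reference: http://www.maeyanie.com/2008/12/efficient-iptables-peerguardian-blocklist/
#######################################
build_set() {
  local -a archives=("${LISTS[@]/%/.gz}")
  # Subshell so pipefail (catching a gunzip failure) does not leak out.
  (
    set -o pipefail
    gunzip -c -- "${archives[@]}" | pg2ipse - - "$SET_NAME" > ADS
  ) || die "could not build ADS from the downloaded lists"
}

cmd_rehash() {
  command -v pg2ipse >/dev/null || die "pg2ipse not found in PATH"
  prepare_work_dir
  fetch_lists
  build_set

  echo "Reading into ipset"
  read -r _   # pause: Enter continues, Ctrl-C stops before the set is touched
  # This filter drops lines containing ':' and keeps lines that contain a
  # digit or dot, or start with COMMIT. It is not validation of the data.
  if ! grep -v ":" ADS | /bin/grep -E '([0-9\.]+|^COMMIT)' | sudo ipset -R; then
    printf 'bloker: ipset -R reported an error; check the state of set %s\n' \
      "$SET_NAME" >&2
  fi

  echo "Applying to iptables"
  read -r _   # pause: Enter continues, Ctrl-C stops before rules are added
  apply_rules -A
}

cmd_load() {
  [[ -r "$SAVED_SET" ]] || die "cannot read $SAVED_SET"
  sudo ipset -R < "$SAVED_SET"
  sleep 4
  apply_rules -A
}

case "${1:-}" in
  rehash) cmd_rehash ;;
  unload) apply_rules -D ;;
  load)   cmd_load ;;
  *)      usage ;;
esac
set +x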