Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
blocklist-with-ipset
Manage
Activity
Members
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Model registry
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
GitHub Mirror
virus2500
blocklist-with-ipset
Commits
7db94d07
Commit
7db94d07
authored
10 years ago
by
virus2500
Browse files
Options
Downloads
Plain Diff
Merge pull request #2 from virus2500/iss1
Iss1
parents
423fb48b
d5721b11
No related branches found
Branches containing commit
Tags
v1.0.2
Tags containing commit
No related merge requests found
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
README.md
+3
-1
3 additions, 1 deletion
README.md
blacklist.txt
+3
-0
3 additions, 0 deletions
blacklist.txt
blocklist.pl
+75
-5
75 additions, 5 deletions
blocklist.pl
whitelist.txt
+3
-0
3 additions, 0 deletions
whitelist.txt
with
84 additions
and
6 deletions
README.md
+
3
−
1
View file @
7db94d07
...
...
@@ -4,10 +4,12 @@ Use at your own risk :)
Create an ipset based blocklist from an text file (downloaded from e.g. blocklist.de)
V1.0.2: Added a whitelist and blacklist
!!! IMPORTANT !!!!
You will need to install ipset!
Then open the blocklist.pl with your favorite text Editor and specify wh
y
your binarys are located.
Then open the blocklist.pl with your favorite text Editor and specify wh
ere
your binarys are located.
(These can be found via "which" e.g. "which iptables")
...
...
This diff is collapsed.
Click to expand it.
blacklist.txt
0 → 100644
+
3
−
0
View file @
7db94d07
# IPV4 Blacklist just add ips whiteout #
#
# e.g. 3.3.3.3
This diff is collapsed.
Click to expand it.
blocklist.pl
+
75
−
5
View file @
7db94d07
#!/usr/bin/perl
use
strict
;
use
warnings
;
use
strict
;
use
warnings
;
################################################################
###### Script to check Blocklist.de list. Block new IP ######
###### and unblock deleted entrys ######
...
...
@@ -11,6 +12,8 @@ my $fileName = "Blocklist.txt";
my
$tmpDir
=
"
/tmp
";
my
$file
=
"
$tmpDir
/
$fileName
";
my
$logFile
=
"
/var/log/blocklist
";
my
$whiteList
=
"
whitelist.txt
";
my
$blackList
=
"
blacklist.txt
";
## binarys ##
my
$iptables
=
"
/sbin/iptables
";
...
...
@@ -28,8 +31,11 @@ $added = $removed = $skipped = 0;
## init arrays ##
my
@fileArray
=
();
my
@ipsetArray
=
();
my
@whiteListArray
=
();
my
@blackListArray
=
();
## init hashes for faster searching
my
%whiteListArray
;
my
$blackListArray
;
my
%ipsetArray
;
my
%fileArray
;
...
...
@@ -43,8 +49,11 @@ my @days = qw(Sun Mon Tue Wed Thu Fri Sat Sun);
#****************************#
logging
("
Starting blocklist refresh
");
&iptablesCheck
();
&getWhiteListArray
();
&getBlackListArray
();
&getFileArray
();
&getIpsetArray
();
print
&addIpsToBlocklist
();
&remIpsFromBlocklist
();
&cleanup
();
...
...
@@ -122,7 +131,6 @@ sub getFileArray {
sub
getIpsetArray
{
$output
=
`
$ipset
list blocklist
`;
@ipsetArray
=
split
("
\n
",
$output
);
# %ipsetArray = map { $_ => 1} @ipsetArray;
#remove the first 6 Elements of our Array using splice (ipset header info)
splice
@ipsetArray
,
0
,
6
;
%ipsetArray
=
map
{
$_
=>
1
}
split
("
\n
",
$output
);
...
...
@@ -130,13 +138,61 @@ sub getIpsetArray {
##### END getIpsetArray #########
######### getWhiteListArray ######
## puts all ips from our ##
## $whitelist into ##
## array whiteListArray ##
##################################
sub
getWhiteListArray
{
open
(
INFO
,
$whiteList
)
or
die
("
Could not open Whitelist.
");
foreach
$line
(
<
INFO
>
)
{
push
(
@whiteListArray
,
$line
);
}
close
(
INFO
);
chomp
(
@whiteListArray
);
}
##### END getWhiteListArray #####
######### getBlackListArray ######
## puts all ips from our ##
## $whitelist into ##
## array blackListArray ##
##################################
sub
getBlackListArray
{
open
(
INFO
,
$blackList
)
or
die
("
Could not open Blacklist.
");
foreach
$line
(
<
INFO
>
)
{
push
(
@blackListArray
,
$line
);
}
close
(
INFO
);
chomp
(
@blackListArray
);
}
##### END getBlackListArray #####
######## addIpsToBlocklist ######
## adds IPs to our blocklist ##
#################################
sub
addIpsToBlocklist
{
foreach
$line
(
@blackListArray
)
{
if
((
exists
$ipsetArray
{"
$line
"})
||
(
$line
~~
@whiteListArray
))
{
$skipped
++
;
}
else
{
if
(
$line
eq
&isIpv4
(
$line
))
{
$result
=
`
$ipset
add blocklist
$line
`;
$added
++
;
$message
=
"
added
$line
";
logging
(
$message
);
}
else
{
$skipped
++
;
}
}
}
foreach
$line
(
@fileArray
)
{
if
(
exists
$ipsetArray
{"
$line
"})
{
if
(
(
exists
$ipsetArray
{"
$line
"})
||
(
$line
~~
@whiteListArray
))
{
$skipped
++
;
}
else
{
if
(
$line
eq
&isIpv4
(
$line
))
{
...
...
@@ -156,8 +212,22 @@ sub addIpsToBlocklist {
## remove IPs from our blocklist ##
#####################################
sub
remIpsFromBlocklist
{
# remove Ips that are in our whiteList
foreach
$line
(
@whiteListArray
)
{
if
((
exists
$ipsetArray
{"
$line
"})
&&
(
$line
~~
@whiteListArray
))
{
if
(
$line
eq
&isIpv4
(
$line
))
{
$result
=
`
$ipset
del blocklist
$line
`;
$message
=
"
removed
$line
";
logging
(
$message
);
$removed
++
;
}
else
{
$skipped
++
;
}
}
}
foreach
$line
(
@ipsetArray
)
{
if
(
exists
$fileArray
{"
$line
"})
{
if
(
(
exists
$fileArray
{"
$line
"})
||
(
$line
~~
@blackListArray
))
{
$skipped
++
;
}
else
{
if
(
$line
eq
&isIpv4
(
$line
))
{
...
...
This diff is collapsed.
Click to expand it.
whitelist.txt
0 → 100644
+
3
−
0
View file @
7db94d07
# IPV4 Whitelist just add ips
#
# e.g. 2.2.2.2
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
