#!/usr/bin/env bash ########################################################################### ## Copyright (C) Wizardry and Steamworks 2024 - License: GNU GPLv3 ## ########################################################################### # Downloads GreenSnow attack IP list and adds all the networks to ipset. ## ########################################################################### ## Possible firewall configuration: ## Delete all the old rules. #I=`/sbin/iptables-save | grep -- "-A INPUT -j GREENSNOW"` #O=`/sbin/iptables-save | grep -- "-A OUTPUT -j GREENSNOW"` #if [ ! -z "$I" ] || [ ! -z "$O" ]; then # /sbin/iptables -F GREENSNOW # /sbin/iptables -X GREENSNOW #fi #if [ ! -z "$I" ]; then # /sbin/iptables -D INPUT -j GREENSNOW #fi #if [ ! -z "$O" ]; then # /sbin/iptables -D OUTPUT -j GREENSNOW #fi ## Create the chain again and add all the new rules. #/sbin/iptables -N GREENSNOW #/sbin/iptables -I INPUT 1 -j GREENSNOW #/sbin/iptables -I OUTPUT 1 -j GREENSNOW #/sbin/iptables -A GREENSNOW -p all -m set --match-set GREENSNOW src,dst -j DROP ## Continue with the rest. #/sbin/iptables -A GREENSNOW -j RETURN ########################################################################### `ipset list GREENSNOW 2>/dev/null >/dev/null` if [ $? = 1 ]; then ipset create GREENSNOW hash:net maxelem 262144 family inet fi ipset flush GREENSNOW while read LINE; do grep -E -vq "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4}$" <<< "${LINE}" if [ $? -eq 0 ]; then continue fi printf %s "add GREENSNOW ${LINE}" | ipset restore -exist done <<< $(curl -s -L https://blocklist.greensnow.co/greensnow.txt) ====== Block BotScout Bots ====== [[https://botscout.com/|BotScout]] is an online service that tracks bots that automatically register accounts on various websites or post spam messages. The script below can be copied to ''/etc/cron.hourly'' in order to generate an ipset of all the IP addresses reported by BotScout. #!/usr/bin/env bash ########################################################################### ## Copyright (C) Wizardry and Steamworks 2024 - License: GNU GPLv3 ## ########################################################################### # Downloads botscout IP list and adds all the networks to ipset. ## ########################################################################### ## Possible firewall configuration: ## Delete all the old rules. #I=`/sbin/iptables-save | grep -- "-A INPUT -j BOTSCOUT"` #O=`/sbin/iptables-save | grep -- "-A OUTPUT -j BOTSCOUT"` #if [ ! -z "$I" ] || [ ! -z "$O" ]; then # /sbin/iptables -F BOTSCOUT # /sbin/iptables -X BOTSCOUT #fi #if [ ! -z "$I" ]; then # /sbin/iptables -D INPUT -j BOTSCOUT #fi #if [ ! -z "$O" ]; then # /sbin/iptables -D OUTPUT -j BOTSCOUT #fi ## Create the chain again and add all the new rules. #/sbin/iptables -N BOTSCOUT #/sbin/iptables -I INPUT 1 -j BOTSCOUT #/sbin/iptables -I OUTPUT 1 -j BOTSCOUT #/sbin/iptables -A BOTSCOUT -p all -m set --match-set BOTSCOUT src,dst -j DROP ## Continue with the rest. #/sbin/iptables -A BOTSCOUT -j RETURN ########################################################################### `ipset list BOTSCOUT 2>/dev/null >/dev/null` if [ $? = 1 ]; then ipset create BOTSCOUT hash:net maxelem 262144 family inet fi ipset flush BOTSCOUT while read LINE; do grep -E -vq "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4}$" <<< "${LINE}" if [ $? -eq 0 ]; then continue fi printf %s "add BOTSCOUT ${LINE}" | ipset restore -exist done <<< $(curl -s -L https://iplists.firehol.org/files/botscout.ipset)