Update 2025-04-13_16:21:50
36
firehol-reload-netset-blacklist.sh
Executable file
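--- a/firehol-reload-netset-blacklist.sh
+++ b/firehol-reload-netset-blacklist.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# Define your ipset name
+IPSET_NAME="blacklist"
+
+# Path to your list of IP network ranges, one per line
+IP_LIST_PATH="/etc/firehol/blacklist.netset"
+
+# Function to check if a string is a CIDR network range specifically for /24
+is_cidr_24() {
+local CIDR=$1
+if [[ $CIDR =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/24$ ]]; then
+return 0 # True
+else
+return 1 # False
+fi
+}
+
+# Clear the existing ipset
+ipset flush "$IPSET_NAME"
+
+# Repopulate the ipset
+while IFS= read -r LINE; do
+# Skip empty lines and lines starting with #
+[[ -z "$LINE" ]] || [[ "$LINE" =~ ^# ]] && continue
+
+if is_cidr_24 "$LINE"; then
+# It's a CIDR /24 network range, add to blacklist
+ipset add "$IPSET_NAME" "$LINE" 2>/dev/null
+else
+echo "Skipping unrecognized format: $LINE"
+fi
+done < "$IP_LIST_PATH"
+
+echo "Ipset $IPSET_NAME reloaded with networks from $IP_LIST_PATH"
+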
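Review bot: The unconditional `ipset flush "$IPSET_NAME"` empties the live set before the list file is read, so nothing is blocked while the reload runs, and the set stays empty if `$IP_LIST_PATH` is missing or unreadable even though the final echo still reports success. Loading the entries into a temporary set and exchanging it with `ipset swap` keeps the old entries in force until the new set is complete. The `2>/dev/null` on `ipset add` also hides real failures, for example an octet above 255 that the regex in `is_cidr_24` lets through; those should go to stderr instead. The `hash:net` type in the sketch below is an assumption and has to match the type of the existing set.

```shell
# … unchanged: IPSET_NAME, IP_LIST_PATH, is_cidr_24 …
[[ -r "$IP_LIST_PATH" ]] || { echo "Cannot read $IP_LIST_PATH" >&2; exit 1; }

TMP_SET="${IPSET_NAME}-new"
# Set type must match the live set; hash:net is assumed here.
ipset create "$TMP_SET" hash:net -exist || exit 1
ipset flush "$TMP_SET"

while IFS= read -r LINE; do
  # … unchanged: skip blank and comment lines …
  if is_cidr_24 "$LINE"; then
    ipset add "$TMP_SET" "$LINE" -exist || echo "ipset add failed for: $LINE" >&2
  # … unchanged: else branch …
  fi
done < "$IP_LIST_PATH"

# Atomic exchange: the live set is never empty.
ipset swap "$TMP_SET" "$IPSET_NAME" && ipset destroy "$TMP_SET"
```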