#!/bin/bash
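# Name of the ipset that holds the blocked networks.
# Marked readonly so nothing later in the script can retarget the reload
# at a different set by accident.
readonly IPSET_NAME="blacklist"

# Path to the list of IP network ranges, one per line.
# Marked readonly for the same reason: the source of the blocklist is fixed
# for the lifetime of the run.
readonly IP_LIST_PATH="/etc/firehol/blacklist.netset"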
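#######################################
# Check whether a string is an IPv4 /24 network range in CIDR notation.
# The whole string must match: four dot-separated decimal octets, each with
# a value of 0-255, followed by the literal suffix "/24". Entries with any
# other prefix length, bare addresses, and strings with surrounding
# whitespace are rejected.
# Arguments: $1 - candidate string
# Returns:   0 if the string is a well-formed /24 range, 1 otherwise
#######################################
is_cidr_24() {
  local cidr=${1-}
  local octet
  # Kept in a variable so the regex is not subject to shell quoting rules.
  local -r pattern='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/24$'

  [[ $cidr =~ $pattern ]] || return 1

  # The pattern only bounds the number of digits; the value of each octet
  # still has to be checked, otherwise "999.1.1.0/24" would pass here and
  # only be rejected later by ipset.
  for octet in "${BASH_REMATCH[@]:1}"; do
    # 10# forces base 10 so "08" and "09" are not treated as invalid octal.
    (( 10#$octet <= 255 )) || return 1
  done

  return 0
}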
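# Refuse to touch the live set unless the source list can be read. Without
# this check a missing or unreadable file would flush the set and leave the
# blacklist empty.
if [[ ! -r "$IP_LIST_PATH" ]]; then
  printf 'Cannot read %s; leaving ipset %s unchanged\n' \
    "$IP_LIST_PATH" "$IPSET_NAME" >&2
  exit 1
fi

# Clear the existing ipset.
# NOTE(review): flush-then-add leaves the set empty (nothing blocked) until
# the loop below finishes. Populating a temporary set and using `ipset swap`
# would make the reload atomic, but that needs the set's type and create
# options, which are not visible in this script.
if ! ipset flush "$IPSET_NAME"; then
  printf 'Failed to flush ipset %s\n' "$IPSET_NAME" >&2
  exit 1
fi

# Repopulate the ipset.
# Only /24 entries are loaded; every other prefix length or bare address in
# the list is reported and skipped, so the set covers just that subset.
failed=0
# `|| [[ -n "$LINE" ]]` keeps a final entry that has no trailing newline.
while IFS= read -r LINE || [[ -n "$LINE" ]]; do
  # Drop a trailing carriage return so CRLF-terminated lists still match.
  LINE=${LINE%$'\r'}

  # Skip empty lines and lines starting with #
  if [[ -z "$LINE" || "$LINE" == \#* ]]; then
    continue
  fi

  if is_cidr_24 "$LINE"; then
    # -exist makes a duplicate entry a no-op, so any error ipset still
    # reports is a real failure and is shown instead of being discarded.
    if ! ipset -exist add "$IPSET_NAME" "$LINE"; then
      failed=$((failed + 1))
    fi
  else
    echo "Skipping unrecognized format: $LINE"
  fi
done < "$IP_LIST_PATH"

# Do not claim success when some ranges never made it into the set.
if (( failed > 0 )); then
  printf 'Ipset %s reloaded with %d failed additions from %s\n' \
    "$IPSET_NAME" "$failed" "$IP_LIST_PATH" >&2
  exit 1
fi

echo "Ipset $IPSET_NAME reloaded with networks from $IP_LIST_PATH"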