Create an IPSET of banned ip addresses

[max/glocker.git] / glocker.sh

diff --git a/glocker.sh b/glocker.sh
new file mode 100755 (executable)
index 0000000..f397ebb
--- /dev/null
+++ b/glocker.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Get list of nefarious IP addresses from www.friedersdorff.com/.banned
+
+BANNED_HOSTS=$(curl -s https://www.friedersdorff.com/.banned | 
+  grep -o -E '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/[[:digit:]]{1,2}')
+
+ipset create glocker-tmp hash:net --hashsize 64
+for host in $(echo $BANNED_HOSTS); do
+  ipset add glocker-tmp $host
+done
+
+ipset create -exist glocker hash:net --hashsize 64
+ipset swap glocker-tmp glocker
+ipset destroy glocker-tmp
+echo "IPSet: glocker updated"