#!/bin/bash
# iptables_ban_tor.sh
# This script downloads the Tor exit-node IP list from check.torproject.org
#+ for your configured IP.
# Replace the SETNAME value with your own iptables chain name.
# Replace the MYIP value with your own server IP.
#
# Uses iptables and logger.
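SETNAME="tor_ips"
MYIP="192.168.0.100"
MYPORT="80"
# One binary path for every call, so the script behaves the same under a
# minimal PATH (e.g. cron) as it does in an interactive shell.
IPTABLES="/sbin/iptables"
#
# Return 0 only when $1 is a plain dotted-quad IPv4 address (each octet 0-255).
# The downloaded list is remote data and ends up on an iptables command line
# run as root, so anything else (hostnames, CIDR ranges such as 0.0.0.0/0,
# option-like tokens, HTML from an error page) must never reach "-s".
is_ipv4() {
  local addr=$1 octet
  [[ $addr =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    # 10# forces base 10 so a leading zero is not parsed as octal.
    (( 10#$octet <= 255 )) || return 1
  done
  return 0
}

# Make sure the chain exists without deleting it first: "-X" fails on a chain
# that still holds rules or is referenced, and "-N" then fails because the
# chain is already there. The end state is the same, minus the error noise.
# NOTE: this script only fills the chain; nothing here attaches it to INPUT,
# so a jump rule must be in place elsewhere for the rejects to apply.
if ! "$IPTABLES" -n -L "$SETNAME" >/dev/null 2>&1; then
  "$IPTABLES" -N "$SETNAME"
fi

# -f makes curl fail on an HTTP error instead of handing back the error page,
# and --max-time keeps a stalled connection from hanging the job. A failed
# download leaves RAW empty, which falls through to the "No IPs to add." path.
RAW=$(curl -fsS --max-time 60 "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=${MYIP}&port=${MYPORT}" 2>/dev/null) || RAW=""

# Validate the whole list BEFORE touching the chain, so a bad or truncated
# download never replaces a working rule set. The first three lines are the
# list header and are skipped, as before.
VALID_IPS=()
SKIPPED=0
while IFS= read -r line; do
  line=${line%$'\r'}                 # tolerate CRLF line endings
  [[ -n "$line" ]] || continue
  if is_ipv4 "$line"; then
    VALID_IPS+=("$line")
  else
    SKIPPED=$(( SKIPPED + 1 ))
  fi
done < <(printf '%s\n' "$RAW" | tail -n +4)

if (( SKIPPED > 0 )); then
  logger -t "tor_ip_block" "Ignored $SKIPPED line(s) that are not IPv4 addresses."
fi

if (( ${#VALID_IPS[@]} > 0 )); then # only proceed if new IPs are obtained
  "$IPTABLES" -F "$SETNAME"
  logger -t "tor_ip_block" "Fluch iptables chain $SETNAME ."
  for ipliste in "${VALID_IPS[@]}"; do
    "$IPTABLES" -A "$SETNAME" -s "$ipliste" -j REJECT
    #echo "reject IP :" $ipliste
    logger -t "tor_ip_block" "Add iptables rules for ip $ipliste using chain $SETNAME ."
  done
else
  logger -t "tor_ip_block" "No IPs to add."
fi
exit 0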