Initial Commit

2024-06-17 08:33:22 -05:00 · 2024-06-17 08:33:22 -05:00 · 145dcf2835
commit 145dcf2835
parent d1b2c702b1
1 changed files with 58 additions and 0 deletions
--- a/UFW-Blocklist/ufw_blocklist.sh
+++ b/UFW-Blocklist/ufw_blocklist.sh
@ -0,0 +1,58 @@
+#! /bin/bash
+
+# IPsum List Levels 
+# 1 - auto-ban list of "bad IPs" that appear on at least 1 Dnsbl              Most - can contain up to 40,000 plus IP's
+# 2 - auto-ban list of "bad IPs" that appear on at least 2 Dnsbl               |
+# 3 - Default - auto-ban list of "bad IPs" that appear on at least 3 Dnsbl     | - Contains about 15,000 to 20,000 IP's
+# 4 - auto-ban list of "bad IPs" that appear on at least 4 Dnsbl               |
+# 5 - auto-ban list of "bad IPs" that appear on at least 5 Dnsbl               |
+# 6 - auto-ban list of "bad IPs" that appear on at least 6 Dnsbl               |
+# 7 - auto-ban list of "bad IPs" that appear on at least 7 Dnsbl              \|/
+# 8 - auto-ban list of "bad IPs" that appear on at least 8 Dnsbl             Least - only contains 30 plus IP's
+# You can find out more about these lists here --> https://github.com/stamparm/ipsum
+
+list=3 #<-- Set your IPsum list level
+
+install_ufw_blocklist() {
+    {
+        # Install ipset if not already installed
+        if [ ! "$(command -v ipset)" ]; then
+            apt -y install ipset
+        fi
+
+        # Backup of the original ufw after.init example script
+        cp /etc/ufw/after.init /etc/ufw/after.init.orig
+
+        # Get after.init and ufw-blocklist-ipsum files
+        cd /tmp || exit 2
+        wget https://files.mylinux.work/s/aRXEsCe5G8b43QB/download/after.init
+        wget https://files.mylinux.work/s/WidDAy5N9eQzX4t/download/ufw-blocklist-ipsum
+
+        # Install the ufw-blocklist downloaded files
+        mv after.init /etc/ufw/after.init
+        mv ufw-blocklist-ipsum /etc/cron.daily/ufw-blocklist-ipsum
+        chown root.root /etc/ufw/after.init /etc/cron.daily/ufw-blocklist-ipsum
+        chmod 750 /etc/ufw/after.init /etc/cron.daily/ufw-blocklist-ipsum
+
+        # Set List level in daily cron
+        sed -i "s/3.txt/$list.txt/g" /etc/cron.daily/ufw-blocklist-ipsum
+
+        # Create Seedfile for after.init to automaticly load 
+        touch /etc/ipsum.ipv4.txt
+        chmod 640 /etc/ipsum.ipv4.txt
+        
+        # Start ufw-blocklist
+        /etc/ufw/after.init start
+        
+        # Load ipset list 
+        echo "It takes a little time to load the blocklist $list.txt entries into the ufw-blocklist-ipset blocklist...."
+        /etc/cron.daily/ufw-blocklist-ipsum
+        sleep 20
+
+        # Display Number of entries
+        ipset list ufw-blocklist-ipsum -terse | grep 'Number of entries'
+    }
+}
+
+# Function Call
+install_ufw_blocklist