#! /bin/bash

# IPsum List Levels 
# 1 - auto-ban list of "bad IPs" that appear on at least 1 Dnsbl              Most - can contain up to 40,000 plus IP's
# 2 - auto-ban list of "bad IPs" that appear on at least 2 Dnsbl               |
# 3 - Default - auto-ban list of "bad IPs" that appear on at least 3 Dnsbl     | - Contains about 15,000 to 20,000 IP's
# 4 - auto-ban list of "bad IPs" that appear on at least 4 Dnsbl               |
# 5 - auto-ban list of "bad IPs" that appear on at least 5 Dnsbl               |
# 6 - auto-ban list of "bad IPs" that appear on at least 6 Dnsbl               |
# 7 - auto-ban list of "bad IPs" that appear on at least 7 Dnsbl              \|/
# 8 - auto-ban list of "bad IPs" that appear on at least 8 Dnsbl             Least - only contains 30 plus IP's
# You can find out more about these lists here --> https://github.com/stamparm/ipsum

list=3 #<-- Set your IPsum list level

install_ufw_blocklist() {
    {
        # Install ipset if not already installed
        if [ ! "$(command -v ipset)" ]; then
            apt -y install ipset
        fi

        # Backup of the original ufw after.init example script
        cp /etc/ufw/after.init /etc/ufw/after.init.orig

        # Get after.init and ufw-blocklist-ipsum files
        cd /tmp || exit 2
        wget https://files.mylinux.work/s/aRXEsCe5G8b43QB/download/after.init
        wget https://files.mylinux.work/s/WidDAy5N9eQzX4t/download/ufw-blocklist-ipsum

        # Install the ufw-blocklist downloaded files
        mv after.init /etc/ufw/after.init
        mv ufw-blocklist-ipsum /etc/cron.daily/ufw-blocklist-ipsum
        chown root.root /etc/ufw/after.init /etc/cron.daily/ufw-blocklist-ipsum
        chmod 750 /etc/ufw/after.init /etc/cron.daily/ufw-blocklist-ipsum

        # Set List level in daily cron
        sed -i "s/3.txt/$list.txt/g" /etc/cron.daily/ufw-blocklist-ipsum

        # Create Seedfile for after.init to automaticly load 
        touch /etc/ipsum.ipv4.txt
        chmod 640 /etc/ipsum.ipv4.txt
        
        # Start ufw-blocklist
        /etc/ufw/after.init start
        
        # Load ipset list 
        echo "It takes a little time to load the blocklist $list.txt entries into the ufw-blocklist-ipset blocklist...."
        /etc/cron.daily/ufw-blocklist-ipsum
        sleep 20

        # Display Number of entries
        ipset list ufw-blocklist-ipsum -terse | grep 'Number of entries'
    }
}

# Function Call
install_ufw_blocklist