#! /bin/bash function bdsatib() { { ufw-blocklist -l "bdsatib https://www.binarydefense.com/banlist.txt" if ! crontab -l | grep -q "bdsatib"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "bdsatib https://www.binarydefense.com/banlist.txt"" | crontab -u root - fi } } function f2ball() { { ufw-blocklist -l "f2ball https://lists.blocklist.de/lists/all.txt" if ! crontab -l | grep -q "f2ball"; then echo -e "$(crontab -u root -l)\n*/35 * * * * /usr/local/bin/ufw-blocklists.sh -l "f2ball https://lists.blocklist.de/lists/all.txt"" | crontab -u root - fi } } function bfblocker() { { ufw-blocklist -l "bfblocker https://danger.rulez.sk/projects/bruteforceblocker/blist.php" if ! crontab -l | grep -q "bfblocker"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "bfblocker https://danger.rulez.sk/projects/bruteforceblocker/blist.php"" | crontab -u root - fi } } function cinsarmy() { { ufw-blocklist -l "cinsarmy http://cinsscore.com/list/ci-badguys.txt" if ! crontab -l | grep -q "cinsarmy"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "cinsarmy http://cinsscore.com/list/ci-badguys.txt"" | crontab -u root - fi } } function drop() { { if grep -q -E "IPV6=(yes|YES)" /etc/default/ufw; then ufw-blocklist -l "drop https://www.spamhaus.org/drop/drop.txt" -l "dropv6 https://www.spamhaus.org/drop/dropv6.txt" if ! crontab -l | grep -q "dropv6"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "drop https://www.spamhaus.org/drop/drop.txt" -l "dropv6 https://www.spamhaus.org/drop/dropv6.txt"" | crontab -u root - fi else ufw-blocklist -l "drop https://www.spamhaus.org/drop/drop.txt" if ! crontab -l | grep -q "drop"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "drop https://www.spamhaus.org/drop/drop.txt"" | crontab -u root - fi fi } } function edrop() { { ufw-blocklist -l "edrop https://www.spamhaus.org/drop/edrop.txt" if ! crontab -l | grep -q "edrop"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "edrop https://www.spamhaus.org/drop/edrop.txt"" | crontab -u root - fi } } function feodoc2() { { ufw-blocklist -l "feodoc2 https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt" if ! crontab -l | grep -q "feodoc2"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "feodoc2 https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"" | crontab -u root - fi } } function feodoioc() { { ufw-blocklist -l "feodoioc https://feodotracker.abuse.ch/downloads/ipblocklist.txt" if ! crontab -l | grep -q "fedoioc"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "feodoioc https://feodotracker.abuse.ch/downloads/ipblocklist.txt"" | crontab -u root - fi } } function firehol() { { ufw-blocklist -l "firehol https://iplists.firehol.org/files/firehol_level1.netset" if ! crontab -l | grep -q "firehol"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "firehol https://iplists.firehol.org/files/firehol_level1.netset"" | crontab -u root - fi } } function greensnow() { { ufw-blocklist -l "greensnow https://blocklist.greensnow.co/greensnow.txt" if ! crontab -l | grep -q "bdsatib"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "greensnow https://blocklist.greensnow.co/greensnow.txt"" | crontab -u root - fi } } function ipsum() { { ufw-blocklist -l "ipsum https://raw.githubusercontent.com/stamparm/ipsum/master/levels/2.txt" if ! crontab -l | grep -q "ipsum"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "ipsum https://raw.githubusercontent.com/stamparm/ipsum/master/levels/2.txt"" | crontab -u root - fi } } function maxmind(){ { ufw-blocklist -l "maxmind https://www.maxmind.com/en/anonymous_proxies" if ! crontab -l | grep -q "maxmind"; then echo -e "$(crontab -u root -l)\n@daily /usr/local/bin/ufw-blocklists.sh -l "maxmind https://www.maxmind.com/en/anonymous_proxies"" | crontab -u root - fi } } function blocklist_menu() { { clear echo "Please select which blocklist from the list below" printf "\n" echo "1 - Binary Defense Systems Artillery Threat Intelligence Banlist" echo "2 - Blocklist.de Fail2Ban Reporting (all)" echo "3 - BruteForceBlocker" echo "4 - CINS Army List" echo "5 - FEODO Tracker: Botnet C2 - (Recommended)" echo "6 - FEODO Tracker: Botnet C2 IoC - (Recommended)" echo "7 - FireHOL IP List Level 1" echo "8 - MaxMind" echo "9 - GreenSnow" echo "10 - IPsum - (Recommended)" echo "11 - Spamhaus Don't Route Or Peer List (DROP)" echo "12 - Spamhaus Extended DROP List (EDROP):" echo "B - Go Back" echo "X - Exit" read -rn 1 user_input if [[ "$user_input" == '1' ]]; then bdsatib blocklist_menu elif [[ "$user_input" == '2' ]]; then f2ball blocklist_menu elif [[ "$user_input" == '3' ]]; then bfblocker blocklist_menu elif [[ "$user_input" == '4' ]]; then cins blocklist_menu elif [[ "$user_input" == '5' ]]; then feodoc2 blocklist_menu elif [[ "$user_input" == '6' ]]; then feodoioc blocklist_menu elif [[ "$user_input" == '7' ]]; then firehol blocklist_menu elif [[ "$user_input" == '8' ]]; then maxmind blocklist_menu elif [[ "$user_input" == '9' ]]; then greensnow blocklist_menu elif [[ "$user_input" == '10' ]]; then ipsum blocklist_menu elif [[ "$user_input" == '11' ]]; then drop blocklist_menu elif [[ "$user_input" == '12' ]]; then edrop blocklist_menu elif [[ "$user_input" == xX ]]; then exit 0 elif [[ "$user_input" == bB ]]; then Main_Menu fi } } function ipv6_install() { { # Check that ufw has IPv6 enabled if ! grep -q -E "IPV6=(yes|YES)" /etc/default/ufw; then echo "ERROR: IPv6 rules requested but UFW is not configured to use IPv6. Set IPV6=yes in /etc/default/ufw and rerun this script." Main_Menu fi wget https://files.mylinux.work/s/aRXEsCe5G8b43QB/download/after6.init chmod 750 after6.init mv /tmp/after6.init /etc/ufw/after6.init blocklist_menu } } function ipv6_menu() { { clear echo "Would you like to enable IPv6 support? [Y/n]" printf "\n" echo "Y - Yes" echo "N - No" read -rn 1 user_input if [[ "$user_input" == [yY] ]]; then ipv6_install elif [[ "$user_input" == [nN] ]]; then blocklist_menu fi } } function ipv4_install() { { if [ ! "$(command -v ipset)" ]; then apt -y install ipset fi cd /tmp || exit 2 wget https://files.mylinux.work/s/cqKc2CkzmHMpBXW/download/after.init chmod 750 after.init mv /tmp/after.init /etc/ufw/after.init wget https://files.mylinux.work/s/KfDSRWCcrxiTftf/download/ufw-blocklists.sh chmod 755 ufw-blocklists.sh mv /tmp/ufw-blocklists.sh /usr/local/bin/ ipv6_menu } } function Main_Menu() { { clear echo "Configure UFW to block IPs listed in blocklist ipsets? [Y/n]" printf "\n" echo "Y - Yes" echo "N - No" read -rn 1 user_input if [[ "$user_input" == [yY] ]]; then ipv4_install elif [[ "$user_input" == [nN] ]]; then exit 0 fi } } Main_Menu