DROP

From lathama
DROP stands for Don't Route Or Peer. It is Spamhaus's list of netblocks that are hijacked or leased wholesale to spammers and other criminals, and Spamhaus recommends blocking traffic to and from them outright at the network edge rather than scoring it. The list is published at https://www.spamhaus.org/drop/ (check that page for the current download file names). It changes slowly, and Spamhaus asks that it not be fetched more often than once an hour, so a daily or weekly cron job is plenty.
/etc/cron.d# cat droplist 
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# fields: minute hour day-of-month month day-of-week
# run once a week, 04:00 on Monday (a "*" in the minute field would run it every minute all day Monday)
0 4 * * 1 root /usr/local/bin/drop.sh
A shortened script found on the Internet. I am working on a cleaner setup. This is safe and works, but I would like more.
cat /usr/local/bin/drop.sh
#!/bin/bash
# Fetch the Spamhaus DROP list and load it into its own iptables chain.
set -u
IPTABLES="/sbin/iptables"
URL="https://www.spamhaus.org/drop/drop.lasso"
CHAIN="Spamhaus"
# Unpredictable temp file: a fixed name in /tmp can be pre-created or symlinked by any local user.
FILE="$(mktemp /tmp/drop.XXXXXX)" || exit 1
trap 'rm -f "$FILE"' EXIT

# Download before touching the firewall, so a failed fetch leaves the old rules in place.
if ! wget -q "$URL" -O "$FILE" || [ ! -s "$FILE" ]; then
    echo "Download of $URL failed; keeping the existing $CHAIN rules." >&2
    exit 1
fi

if $IPTABLES -n -L "$CHAIN" >/dev/null 2>&1; then
    $IPTABLES -F "$CHAIN"
    echo "Flushed old rules. Applying updated Spamhaus list...."
else
    $IPTABLES -N "$CHAIN"
    # Insert at the top: an appended (-A) jump would sit behind any earlier ACCEPT rules.
    $IPTABLES -I INPUT -j "$CHAIN"
    $IPTABLES -I FORWARD -j "$CHAIN"
    echo "Chain not detected. Creating new chain and adding Spamhaus list...."
fi

# Entries look like "1.2.3.0/24 ; SBL1234"; skip comment lines and keep only well-formed IPv4 CIDRs.
for IP in $(grep -v '^;' "$FILE" | awk '{ print $1 }' | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'); do
    $IPTABLES -A "$CHAIN" -s "$IP" -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[SPAMHAUS BLOCK]"
    $IPTABLES -A "$CHAIN" -s "$IP" -j DROP
    echo "$IP"
done
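The script above hands whatever the download contains straight to iptables, and it flushes the chain before it knows the new list is usable. As an added example (not the page's drop.sh and not Spamhaus code), the following validates a DROP-format file before anything reaches the firewall and then emits the ipset/iptables commands for an atomic refresh, building the new list into a scratch set and swapping it in so the live set is never empty mid-update. The sample file is constructed for the example, and the set name spamhaus-drop is an assumption; nothing is executed, so it can be run and inspected without root.

```shell
#!/bin/bash
# Added example for this page (not the page's drop.sh and not Spamhaus code):
# validate a DROP-format file before it is handed to the firewall, then emit
# the ipset/iptables commands for an atomic refresh.  The sample file below is
# constructed for the example; the set name "spamhaus-drop" is an assumption.
set -u

# Print only well-formed IPv4 CIDRs from a DROP-format file, one per line.
# Comment lines start with ";" and entries carry an inline "; SBLnnn" note;
# both are stripped, and every surviving token must be a.b.c.d/n with each
# octet <= 255 and prefix <= 32, so a truncated or tampered download cannot
# feed stray tokens into iptables.
drop_extract() {
    sed -e '/^[[:space:]]*;/d' -e 's/;.*$//' "$1" \
    | awk 'NF { print $1 }' \
    | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' \
    | awk -F'[./]' '$1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 && $5 <= 32'
}

# Emit commands that build the new list into a scratch set and swap it in, so
# the live set is never empty mid-update (the page's script flushes the chain
# before it downloads).  Nothing is executed here: review the output, then run
# it as root, e.g. drop_ipset_commands drop.lasso | sh.
drop_ipset_commands() {
    local file="$1" set_name="${2:-spamhaus-drop}"
    echo "ipset create ${set_name} hash:net -exist"
    echo "ipset create ${set_name}-tmp hash:net -exist"
    echo "ipset flush ${set_name}-tmp"
    drop_extract "$file" | while read -r net; do
        echo "ipset add ${set_name}-tmp ${net} -exist"
    done
    echo "ipset swap ${set_name}-tmp ${set_name}"
    echo "ipset destroy ${set_name}-tmp"
    # one rule per direction, added only if it is not already present
    for chain in INPUT FORWARD; do
        echo "iptables -C ${chain} -m set --match-set ${set_name} src -j DROP 2>/dev/null" \
             "|| iptables -I ${chain} -m set --match-set ${set_name} src -j DROP"
    done
}

# Constructed sample in DROP format (not a real download).  The last three
# entries are deliberately malformed and must be rejected.
SAMPLE_FILE="$(mktemp)"
trap 'rm -f "$SAMPLE_FILE"' EXIT
cat > "$SAMPLE_FILE" <<'EOF'
; Spamhaus DROP List (constructed sample for this example)
; Expires: never
192.0.2.0/24 ; SBL000001
198.51.100.0/24 ; SBL000002
203.0.113.0/24 ; SBL000003

256.1.1.0/24 ; SBL000004
10.0.0.0/33 ; SBL000005
evil ; rm -rf /
EOF

echo "== accepted networks =="
drop_extract "$SAMPLE_FILE"
echo "== generated commands =="
drop_ipset_commands "$SAMPLE_FILE"
```

With ipset the per-network LOG and DROP rule pairs of the script above collapse into one set lookup per chain, which also keeps rule insertion from growing linearly with the list; the swap is the part that matters for safety, since a failed download after the flush in the original script leaves the host with no DROP coverage at all.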
