blacklist-init.sh

blacklist-init.sh - Fabrice Barconnière, 05/11/2015 08:57


 
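#!/bin/sh
# blacklist-init.sh - rebuild the ipset-backed blacklist enforced in the
# PREROUTING chain of the iptables "raw" table.
#
# Steps, in order:
#   1. delete the LOG and DROP rules that reference the two sets;
#   2. destroy both sets and re-create them empty;
#   3. re-insert the DROP rules, then the LOG rules. Every -I inserts at the
#      top of the chain, so the LOG rules end up above the DROP rules and a
#      packet is logged before it is dropped;
#   4. queue the update script with at(1), one minute from now.
#
# No "set -e": on a first run the rules and sets do not exist yet, so the
# deletions in step 1 and the destroys in step 2 are expected to fail.
#
# NOTE(review): from step 2 until the queued update job has run, both sets
#   are empty and nothing is blocked. If that gap matters, have the update
#   script fill a temporary set and exchange it with "ipset swap".
# NOTE(review): the LOG rules are not rate limited, so traffic from or to a
#   blacklisted address can write one kernel log line per packet. Consider a
#   "-m limit" match, kept identical in the -D and -I forms of the rule.
# NOTE(review): PREROUTING only sees packets arriving on an interface.
#   Traffic generated by this host itself is not matched by the "dst" rules.
# NOTE(review): at(1) runs the job as the user who queued it, presumably
#   root here. Verify that the update script and /usr/src are writable by
#   root only.

UPDATE_SCRIPT=/usr/src/blacklist-update.sh

# log_rule OP SET DIR
#   Apply iptables operation OP (-I or -D) to the LOG rule for set SET in
#   direction DIR (dst or src). The log prefix depends only on DIR.
log_rule() {
    case "$3" in
        dst) bl_prefix="BLACKLIST-DST-LOG " ;;
        src) bl_prefix="BLACKLIST-SRC-LOG " ;;
    esac
    iptables -t raw "$1" PREROUTING -m set --match-set "$2" "$3" \
        -j LOG --log-prefix "$bl_prefix"
}

# drop_rule OP SET DIR
#   Apply iptables operation OP (-I or -D) to the DROP rule for set SET in
#   direction DIR (dst or src).
drop_rule() {
    iptables -t raw "$1" PREROUTING -m set --match-set "$2" "$3" -j DROP
}

# for_each_pair CMD OP
#   Call "CMD OP SET DIR" for every set/direction pair, in the fixed order
#   ip/dst, ip/src, net/dst, net/src.
for_each_pair() {
    for bl_set in blacklistip blacklistnet; do
        for bl_dir in dst src; do
            "$@" "$bl_set" "$bl_dir"
        done
    done
}

# 1. Remove the rules first: a set that is still referenced by a rule
#    cannot be destroyed.
for_each_pair log_rule -D
for_each_pair drop_rule -D

# 2. Start again from empty sets.
ipset --destroy blacklistip
ipset --destroy blacklistnet
ipset --create blacklistip iphash
ipset --create blacklistnet nethash

# 3. DROP rules first, LOG rules last, so that LOG sits above DROP.
for_each_pair drop_rule -I
for_each_pair log_rule -I

# 4. Populate the sets asynchronously. A failure here leaves the rules
#    matching empty sets, so report it instead of discarding it silently.
if [ ! -x "$UPDATE_SCRIPT" ]; then
    echo "blacklist-init: warning: $UPDATE_SCRIPT is missing or not executable" >&2
fi
if ! echo "$UPDATE_SCRIPT" | at now +1 minutes > /dev/null 2>&1; then
    echo "blacklist-init: could not queue $UPDATE_SCRIPT with at(1); the blacklist sets stay empty" >&2
    exit 1
fi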