scripts

misc scripts and tools
git clone git://git.2f30.org/scripts.git
Log | Files | Refs

commit 9d081f5957cea1dc997b5d795091839e5767a2a0
parent 6470438380366344ad628164f3c60806ee583465
Author: sin <sin@2f30.org>
Date:   Thu Mar 16 17:48:11 +0000

Rename script

Diffstat:
gen-blocked-zones | 44--------------------------------------------
zoneblock | 44++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 44 insertions(+), 44 deletions(-)
diff --git a/gen-blocked-zones b/gen-blocked-zones @@ -1,44 +0,0 @@ -#!/bin/sh -e -# Create zones directory: -# -# mkdir /etc/pf_zones && chmod 700 /etc/pf_zones -# -# pf.conf: -# -# table <blocked_zones4> persist file "/etc/pf_zones/blocked_zones4" -# table <blocked_zones6> persist file "/etc/pf_zones/blocked_zones6" -# -# block drop in quick log on $ext_if inet from <blocked_zones4> to any -# block out quick log on $ext_if inet from any to <blocked_zones4> -# block drop in quick log on $ext_if inet6 from <blocked_zones6> to any -# block out quick log on $ext_if inet6 from any to <blocked_zones6> - -COUNTRIES="br cn ru" - -gen_ipv4_zones() { - >blocked_zones4 # truncate zone file - for c in $COUNTRIES; do - ftp -o "$c"4.zone http://ipdeny.com/ipblocks/data/countries/"$c".zone - cat "$c"4.zone >> blocked_zones4 - sleep 1 # be nice to server - done -} - -gen_ipv6_zones() { - >blocked_zones6 # truncate zone file - for c in $COUNTRIES; do - ftp -o "$c"6.zone http://www.ipdeny.com/ipv6/ipaddresses/blocks/"$c".zone - cat "$c"6.zone >> blocked_zones6 - sleep 1 # be nice to server - done -} - -reload_pf_tables() { - pfctl -t blocked_zones4 -T replace -f blocked_zones4 - pfctl -t blocked_zones6 -T replace -f blocked_zones6 -} - -cd /etc/pf_zones -gen_ipv4_zones -gen_ipv6_zones -reload_pf_tables diff --git a/zoneblock b/zoneblock @@ -0,0 +1,44 @@ +#!/bin/sh -e +# Create zones directory: +# +# mkdir /etc/pf_zones && chmod 700 /etc/pf_zones +# +# pf.conf: +# +# table <blocked_zones4> persist file "/etc/pf_zones/blocked_zones4" +# table <blocked_zones6> persist file "/etc/pf_zones/blocked_zones6" +# +# block drop in quick log on $ext_if inet from <blocked_zones4> to any +# block out quick log on $ext_if inet from any to <blocked_zones4> +# block drop in quick log on $ext_if inet6 from <blocked_zones6> to any +# block out quick log on $ext_if inet6 from any to <blocked_zones6> + +COUNTRIES="br cn ru" + +gen_ipv4_zones() { + >blocked_zones4 # truncate zone file + for c in $COUNTRIES; do + ftp -o "$c"4.zone http://ipdeny.com/ipblocks/data/countries/"$c".zone + cat "$c"4.zone >> blocked_zones4 + sleep 1 # be nice to server + done +} + +gen_ipv6_zones() { + >blocked_zones6 # truncate zone file + for c in $COUNTRIES; do + ftp -o "$c"6.zone http://www.ipdeny.com/ipv6/ipaddresses/blocks/"$c".zone + cat "$c"6.zone >> blocked_zones6 + sleep 1 # be nice to server + done +} + +reload_pf_tables() { + pfctl -t blocked_zones4 -T replace -f blocked_zones4 + pfctl -t blocked_zones6 -T replace -f blocked_zones6 +} + +cd /etc/pf_zones +gen_ipv4_zones +gen_ipv6_zones +reload_pf_tables