Home > Debian, Linux, Shell, Uncategorized, bash, droplist, sed, spam, spamhaus > Spamhaus droplist

Spamhaus droplist

April 29th, 2009
Goto comments Leave a comment

 Powered by Max Banner Ads 
#!/bin/bash
 
#Script to add firewall rules to a linux system to completely block
#all traffic to and from networks in the spamhaus drop list.
 
#Copyright 2009, William Stearns, wstearns@pobox.com
#Released under the GPL.  This and other tools can be found at
#http://www.stearns.org/
 
#Sole (optional) command line parameter is the file location of the
#drop list, such as:
 
#cd /var/lib/
#wget http://www.spamhaus.org/drop/drop.lasso
# ./spamhaus-drop /var/lib/drop.lasso
 
#While the DROP file should be regularly updated, this should
#probably be about once per day or less frequently; do _not_
#download DROP more than once an hour.
 
if [ -n "$1" ]; then
	DropList="$1"
else
	DropList="./drop.lasso"
fi
if [ ! -s "$DropList" ]; then
	echo "Unable to find drop list file $DropList .  Perhaps do:" >&2
	echo "wget http://www.spamhaus.org/drop/drop.lasso -O $DropList"
	echo "exiting." >&2
	exit 1
fi
 
if [ ! -x /sbin/iptables ]; then
	echo "Missing iptables command line tool, exiting." >&2
	exit 1
fi
 
cat "$DropList" \
 | sed -e 's/;.*//' \
 | grep -v '^ *$' \
 | while read OneNetBlock ; do
	/sbin/iptables -I INPUT -s "$OneNetBlock" -j DROP
	/sbin/iptables -I OUTPUT -d "$OneNetBlock" -j DROP
	/sbin/iptables -I FORWARD -s "$OneNetBlock" -j DROP
	/sbin/iptables -I FORWARD -d "$OneNetBlock" -j DROP
done

Fabio Laganà Debian, Linux, Shell, Uncategorized, bash, droplist, sed, spam, spamhaus

  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.