49 lines
1.5 KiB
Bash
49 lines
1.5 KiB
Bash
#!/bin/bash
|
|
# A Nginx Shell Script To Block Spamhaus Lasso Drop Spam IP Address
|
|
# Run this script once a day and drop all spam network IPs (netblock) with http 403 client error.
|
|
# The script will get executed every day via /etc/cron.daily (make sure crond
|
|
# is running).
|
|
# -------------------------------------------------------------------------
|
|
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
|
|
# This script is licensed under GNU GPL version 2.0 or above
|
|
# -------------------------------------------------------------------------
|
|
# This script is part of nixCraft shell script collection (NSSC)
|
|
# Visit http://bash.cyberciti.biz/ for more information.
|
|
# -------------------------------------------------------------------------
|
|
# Last updated on Jan/11/2010
|
|
# -------------------------------------------------------------------------
|
|
#
|
|
# include drop.lasso.conf;
|
|
#
|
|
# tmp file
|
|
FILE="/tmp/drop.lasso.txt.$$"
|
|
|
|
# nginx config file - path to nginx drop conf file
|
|
OUT=/etc/nginx/drop.lasso.conf
|
|
|
|
URLS=(
|
|
"https://www.spamhaus.org/drop/drop.txt"
|
|
"https://www.spamhaus.org/drop/edrop.txt"
|
|
"https://www.spamhaus.org/drop/dropv6.txt"
|
|
)
|
|
|
|
# reload command
|
|
NGINX="/etc/init.d/nginx reload"
|
|
|
|
# remove old file
|
|
[[ -f $FILE ]] && /bin/rm -f $FILE
|
|
|
|
# emply nginx deny file
|
|
>$OUT
|
|
|
|
# get database
|
|
for i in "${URLS[@]}"
|
|
do
|
|
curl "$i" >> $FILE
|
|
done
|
|
|
|
# format in nginx deny netblock; format
|
|
/bin/egrep -v '^;' $FILE | awk '{ print "deny " $1";"}' >>$OUT
|
|
|
|
# reload nginx
|
|
/bin/sync && ${NGINX} |