#!/bin/sh
### BEGIN INIT INFO
# Provides: iptables-banlist
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: iptables-banlist
### END INIT INFO
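set -e
PATH=/sbin:/bin:/usr/sbin:/usr/bin
. /lib/lsb/init-functions

# Init script that loads source-address bans into the filter table's INPUT
# chain.
#
# Actions:
#   start           append the trusted-network ACCEPT, then one DROP per entry
#   reload          flush INPUT, then rebuild it as for "start"
#   stop|unban-all  flush every chain of the filter table
#   status          print the current filter-table rules
#
# Exit status: 0 on success, 1 if the ban list is missing or any entry could
# not be applied, 3 for an unknown action.
#
# Operational caveats:
#   * Rules are appended (-A), so any rule already present earlier in INPUT
#     is evaluated first and may accept traffic before a DROP is reached.
#   * "start" is not idempotent: running it twice appends every rule twice.
#   * "reload" flushes INPUT and "stop" flushes the whole filter table, so
#     rules installed there by other tools are removed as well, and during a
#     reload there is a short window in which no ban is enforced.
#   * Only iptables is driven here; nothing in this script installs ip6tables
#     rules, so IPv6 traffic is not affected by the ban list.

# Ban list: whitespace-separated sources; "#" starts a comment.
# The file is read as root and its content becomes firewall rules, so it
# should stay writable by root only.
BANLIST=/root/iptables-banlist

# Network accepted ahead of every ban. Because the ACCEPT is appended before
# the DROP rules, a ban-list entry inside this range never takes effect.
# NOTE(review): the rule matches on source address alone, with no interface
# restriction - confirm that is the intended trust boundary.
TRUSTED_NET=10.0.0.0/24

# Best-effort audible signal. A missing beep binary or absent speaker must
# not abort the script under "set -e", so failure is deliberately ignored.
banlist_signal_done() {
  if command -v beep >/dev/null 2>&1; then
    beep -f 1000 -l 1000 || true
  fi
}

# Append the ACCEPT rule for the trusted network to INPUT.
banlist_allow_trusted() {
  iptables -t filter -A INPUT -s "$TRUSTED_NET" -j ACCEPT
}

# Append one DROP rule per ban-list entry.
# Globals: BANLIST (read), ban_failures (written)
# Returns: 0 if every entry was applied, 1 otherwise.
# A rejected or failing entry is reported and skipped so that one bad line
# does not leave the remainder of the list unenforced.
banlist_apply() {
  ban_failures=0
  while IFS= read -r ban_line || [ -n "$ban_line" ]; do
    ban_line=${ban_line%%#*}
    # Split on whitespace like the list format expects, but with globbing
    # off so that "*" or "?" in the file never expands to file names.
    set -f
    for ban_entry in $ban_line; do
      case "$ban_entry" in
        # Anything that looks like an option, or holds characters that
        # cannot occur in an address, mask, host name or comma list, is
        # refused instead of being handed to iptables.
        -* | *[!A-Za-z0-9._,/-]*)
          printf 'iptables-banlist: skipping invalid entry: %s\n' \
            "$ban_entry" >&2
          ban_failures=$((ban_failures + 1))
          continue
          ;;
      esac
      if ! iptables -t filter -A INPUT -s "$ban_entry" -j DROP; then
        printf 'iptables-banlist: could not ban: %s\n' "$ban_entry" >&2
        ban_failures=$((ban_failures + 1))
      fi
    done
    set +f
  done <"$BANLIST"

  if [ "$ban_failures" -ne 0 ]; then
    printf 'iptables-banlist: %s entries could not be applied\n' \
      "$ban_failures" >&2
    return 1
  fi
  return 0
}

rc=0
case "${1:-}" in
  start)
    banlist_allow_trusted
    if [ -f "$BANLIST" ]; then
      if banlist_apply; then
        echo "iptables-banlist DONE"
      else
        rc=1
      fi
      banlist_signal_done
    else
      echo "FAILED! - file $BANLIST does not exist!" >&2
      rc=1
    fi
    ;;
  reload)
    # The list is checked before the flush so that a missing file never
    # leaves INPUT emptied with nothing to put back.
    if [ -f "$BANLIST" ]; then
      iptables -F INPUT
      banlist_allow_trusted
      if banlist_apply; then
        echo "IPTABLES custom chains reloaded"
      else
        rc=1
      fi
      banlist_signal_done
    else
      echo "FAILED! - file $BANLIST does not exist!" >&2
      rc=1
    fi
    ;;
  unban-all | stop)
    # No chain argument: every chain in the filter table is flushed, not
    # only the rules this script added.
    iptables -F
    banlist_signal_done
    echo "IPTABLES chains flushed"
    ;;
  status)
    echo "IPTABLES chains printout:"
    iptables -L
    ;;
  *)
    echo "Usage: $0 {start|stop|reload|unban-all|status}" >&2
    rc=3
    ;;
esac
exit "$rc"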