#!/bin/bash

ips() {
	/sbin/ipset $@
}

#IPTABLES=/sbin/iptables
#IP6TABLES=/sbin/ip6tables
DROPDIR=/var/lib/droplist

[ -d $DROPDIR ] || mkdir $DROPDIR

DROPLIST=$DROPDIR/drop.txt
[ -f $DROPLIST ] && rm $DROPLIST
wget "http://www.spamhaus.org/drop/drop.txt" -q -O $DROPLIST

[ -f $DROPLIST ] || exit 124

#$IPTABLES -F dropfilter
ips flush dropset4

cat "$DROPLIST" \
 | sed -e 's/;.*//' \
 | grep -v '^ *$' \
 | while read NB ; do
#    $IPTABLES -A dropfilter -s "$NB" -j DROP
#    $IPTABLES -A dropfilter -d "$NB" -j DROP
	ips add dropset4 "$NB"
done

DROPLIST6=$DROPDIR/drop6.txt
[ -f $DROPLIST6 ] && rm $DROPLIST6
wget "https://www.spamhaus.org/drop/dropv6.txt" -q -O $DROPLIST6

[ -f $DROPLIST6 ] || exit 126

#$IP6TABLES -F dropfilter
ips flush dropset6

cat "$DROPLIST6" \
 | sed -e 's/;.*//' \
 | grep -v '^ *$' \
 | while read NB ; do
#    $IP6TABLES -A dropfilter -s "$NB" -j DROP
#    $IP6TABLES -A dropfilter -d "$NB" -j DROP
	ips add dropset6 "$NB"
done