#!/bin/bash

IPTABLES=/sbin/iptables
IP6TABLES=/sbin/ip6tables
DROPDIR=/var/lib/droplist

[ -d $DROPDIR ] || mkdir $DROPDIR

DROPLIST=$DROPDIR/drop.txt
[ -f $DROPLIST ] && rm $DROPLIST
wget "http://www.spamhaus.org/drop/drop.txt" -q -O $DROPLIST

[ -f $DROPLIST ] || exit 124

$IPTABLES -F dropfilter

cat "$DROPLIST" \
 | sed -e 's/;.*//' \
 | grep -v '^ *$' \
 | while read NB ; do
    $IPTABLES -A dropfilter -s "$NB" -j DROP
    $IPTABLES -A dropfilter -d "$NB" -j DROP
done

DROPLIST6=$DROPDIR/drop6.txt
[ -f $DROPLIST6 ] && rm $DROPLIST6
wget "https://www.spamhaus.org/drop/dropv6.txt" -q -O $DROPLIST6

[ -f $DROPLIST6 ] || exit 126

$IP6TABLES -F dropfilter

cat "$DROPLIST6" \
 | sed -e 's/;.*//' \
 | grep -v '^ *$' \
 | while read NB ; do
    $IP6TABLES -A dropfilter -s "$NB" -j DROP
    $IP6TABLES -A dropfilter -d "$NB" -j DROP
done