Requirements
Depending on your OS, you need to install:
- IPSET
- IPTABLES
- curl or wget
Download and Installation
First, download the ipset.sh script and save it to, for example, /usr/sbin/me_ipset.sh:
curl https://cdn.malware.expert/ipset.sh > /usr/sbin/me_ipset.sh
Set the correct owner and file permissions:
chmod 750 /usr/sbin/me_ipset.sh
chown root:root /usr/sbin/me_ipset.sh
Open the me_ipset.sh file in an editor (nano / vi) and replace the URL at the beginning of the file with the correct subscription download URL:
URL="https://rbl.malware.expert/serial_key_here/ip.txt"
Replace serial_key_here with your subscription key (ex. 21r3jx79pcm9tj50z5lnuannp). Your purchased subscription key can be found here! If you do not have one, you need to buy a subscription.
Crontab
Now add a cron job that reloads the new IPs every hour to block bot network attacks.
crontab -e
We set cron to run hourly, at five minutes past the hour. Note: You can choose a time that suits your server load, but do not schedule it too often, because the IP list is only updated hourly!
#RBL Database - IPSET
5 * * * * /usr/sbin/me_ipset.sh reload >/dev/null 2>&1
Usage
You can also manually test that everything works as it should:
Usage: ./me_ipset.sh {start|restart|reload|stop}
Start
root@localhost:/usr/sbin# ./me_ipset.sh start
blocklist-me :: Processing IP List, this may take while ...
blocklist-me :: Started and rules loaded
Stop
root@localhost:/usr/sbin# ./me_ipset.sh stop
blocklist-me :: Stopping and delete rules
Reload
Reload only the new blacklist rules. Note: me_ipset.sh must already be started!
root@localhost:/usr/sbin# ./me_ipset.sh reload
blocklist-me :: Processing IP List, this may take while ...
blocklist-me :: Rules reloaded
Restart
root@localhost:/usr/sbin# ./me_ipset.sh restart
blocklist-me :: Stopping and delete rules
blocklist-me :: Processing IP List, this may take while ...
blocklist-me :: Started and rules loaded
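Because the hourly reload runs as root and feeds a remote list straight into the firewall, it is worth sanity-checking the download first. The following is an added example, not code from me_ipset.sh: it assumes the feed holds one IPv4 address or CIDR per line, and the set name example-blocklist is hypothetical.

```shell
#!/bin/sh
# Added example, not part of me_ipset.sh. Assumptions: the feed holds one IPv4
# address or CIDR per line; the set name "example-blocklist" is hypothetical.

# Keep only well-formed, public IPv4 entries from stdin; drop everything else.
filter_blocklist() {
    tr -d '\r' |
    grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$' |
    awk -F'[./]' '{
        mask = (NF == 5) ? $5 + 0 : 32
        for (i = 1; i <= 4; i++) if ($i + 0 > 255) next
        # Prefixes shorter than /8 would block huge ranges; refuse them.
        if (mask < 8 || mask > 32) next
        a = $1 + 0; b = $2 + 0
        # Never block 0/8, loopback, RFC 1918 or link-local addresses.
        if (a == 0 || a == 10 || a == 127) next
        if (a == 172 && b >= 16 && b <= 31) next
        if (a == 192 && b == 168) next
        if (a == 169 && b == 254) next
        print
    }'
}

# Turn a filtered list into input for `ipset -exist restore`: fill a temporary
# set, then swap it in so the live set is never empty or half-loaded.
build_restore() {
    set_name=$1
    tmp_name="$1-tmp"
    printf 'create %s hash:net family inet\n' "$set_name"
    printf 'create %s hash:net family inet\n' "$tmp_name"
    printf 'flush %s\n' "$tmp_name"
    while IFS= read -r entry; do
        printf 'add %s %s\n' "$tmp_name" "$entry"
    done
    printf 'swap %s %s\n' "$tmp_name" "$set_name"
    printf 'destroy %s\n' "$tmp_name"
}

# Constructed sample feed: three valid public entries, five that must be dropped.
sample_feed() {
    printf '%s\n' 203.0.113.7 198.51.100.0/24 192.168.1.10 999.1.1.1 \
        127.0.0.1 0.0.0.0/0 '<html>error</html>'
    printf '192.0.2.55\r\n'
}

# Print the restore script for the sample; on a real host, pipe it to ipset.
sample_feed | filter_blocklist | build_restore example-blocklist
```

An HTML error page or an empty download then produces a restore script with no add lines, which is easy to detect and skip before touching the live set.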