Block stopforumspam.com IP’s through iptables

WARNING: The following code will REPLACE your existing firewall rules as it uses iptables-restore in order to add hundreds of individual ip rules into the INPUT chain very fast.


#!/bin/bash
rm -f /root/listed_ip_*
wget -q -c --no-cache http://www.stopforumspam.com/downloads/listed_ip_90.zip -P /root/ --output-document=/root/listed_ip_90.txt.zip
unzip /root/listed_ip_90.txt.zip > /dev/null
BLOCKDB=/root/listed_ip_90.txt

echo "*filter" >/tmp/iptables-save
echo ":INPUT ACCEPT [0:0]" >>/tmp/iptables-save
echo ":FORWARD ACCEPT [0:0]" >>/tmp/iptables-save
echo ":OUTPUT ACCEPT [0:0]" >>/tmp/iptables-save
IPS=$(grep -Ev "^#" $BLOCKDB)
for i in $IPS
do
echo "-A INPUT -s $i/32 -p tcp -m tcp --dport 80 -j DROP" >>/tmp/iptables-save
done
echo "COMMIT" >>/tmp/iptables-save
cat /tmp/iptables-save | iptables-restore