RKN blocklist

cron @daily
update.rkn.sh
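#!/bin/bash
#
# update.rkn.sh - daily refresh of the "blacklist" ipset from the RKN list.
#
# Runs only on the node that currently holds 10.10.0.253 (the "master").
# Downloads the list, extracts IPv4 addresses, appends an optional custom
# list, loads everything into the "blacklist" ipset and makes sure an INPUT
# DROP rule references that set.
#
# Review notes:
#   * The list is fetched over plain HTTP with no integrity check, so anyone
#     on the network path can alter which sources this host drops. Prefer an
#     HTTPS endpoint or a signed copy if the provider offers one, and
#     consider exempting management addresses before loading the set.
#   * The set is only ever added to; addresses removed upstream stay blocked
#     until the set is flushed or the host reboots.
#   * All working files live in /tmp, which is world-writable. Files are
#     therefore built in a private mktemp directory and renamed into place,
#     and the custom list is only honoured when this user owns it.
#     A root-only directory would be a safer home; the paths are kept
#     because reload.rkn.sh reads the same location.

set -u
umask 022

BLKLIST="/tmp/rkn-block-list.txt"
BLKIPLIST="/tmp/rkn-block-list-ip.txt"
BLKIPCUSTOM="/tmp/custom-block-list.txt"

# Match the address as a whole token: the original unescaped pattern also
# matched strings such as 10.10.0.2530 or 110.10.0.253.
if ip a | grep -Eq '(^|[^0-9.])10\.10\.0\.253([^0-9.]|$)'; then
  echo "I am master, updating.."
else
  exit 1
fi

# Private scratch directory next to the targets so the final mv is a rename,
# which replaces a pre-planted symlink instead of writing through it.
workdir=$(mktemp -d "${BLKIPLIST%/*}/rkn-update.XXXXXX") || exit 1
trap 'rm -rf -- "$workdir"' EXIT
raw_tmp="$workdir/raw"
ip_tmp="$workdir/ips"

echo "..fetching rkn blacklist"
if ! wget --tries=3 --timeout=60 http://api.antizapret.info/all.php -O "$raw_tmp"; then
  # Keep the previous list rather than replacing it with a partial download.
  echo "download failed, keeping previous list" >&2
  exit 1
fi

echo "..converting rkn blacklist to ips list"
# Drop dotted quads with an octet above 255; ipset would reject them anyway,
# but silently because its errors are discarded below.
grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' "$raw_tmp" \
  | awk -F. '$1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255' \
  | LC_ALL=C sort -u > "$ip_tmp"

if [[ ! -s "$ip_tmp" ]]; then
  echo "no addresses found in download, keeping previous list" >&2
  exit 1
fi

# Only trust a custom list that is a regular file owned by the user running
# this script; anything else in /tmp could have been placed by another user.
if [[ -f "$BLKIPCUSTOM" ]]; then
  if [[ ! -L "$BLKIPCUSTOM" && -O "$BLKIPCUSTOM" ]]; then
    cat -- "$BLKIPCUSTOM" >> "$ip_tmp"
  else
    echo "skipping $BLKIPCUSTOM: symlink or not owned by this user" >&2
  fi
fi

mv -f -- "$raw_tmp" "$BLKLIST" || exit 1
mv -f -- "$ip_tmp" "$BLKIPLIST" || exit 1

echo "..creating ipset blacklist"
# Fails harmlessly when the set already exists, hence the discarded stderr.
ipset --create blacklist iphash 2>/dev/null

echo "..adding ips to blacklist"
# One token per line, without the glob expansion that $(cat file) allowed.
# stderr is discarded because re-adding an existing entry is an error; this
# also hides real failures (for example a full set), so check the set size
# with `ipset --list` if entries appear to be missing.
tr -s '[:space:]' '\n' < "$BLKIPLIST" | while IFS= read -r ip; do
  [[ -n "$ip" && "$ip" != -* ]] || continue   # never pass an option-like token
  ipset --add blacklist "$ip" 2>/dev/null
done

echo "..enabling drop rule"
# Look only at INPUT, where the rule is inserted. Newer iptables releases
# spell the match option --match-set instead of --set.
if ! iptables -L INPUT -n | grep -q blacklist; then
  iptables -I INPUT 1 -m set --set blacklist src -j DROP
fi
echo "..done"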
start @boot via rc.local
reload.rkn.sh
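#!/bin/bash
#
# reload.rkn.sh - rebuild the "blacklist" ipset at boot from the IP list that
# update.rkn.sh last wrote, and make sure the INPUT DROP rule is present.
#
# Review notes:
#   * The list lives in /tmp. Many systems clear /tmp at boot, in which case
#     this script has nothing to load until the next update run; it now says
#     so instead of failing quietly.
#   * /tmp is world-writable, so the file is only used when it is a regular
#     file owned by the user running this script.

set -u

BLKIPLIST="/tmp/rkn-block-list-ip.txt"

if [[ ! -f "$BLKIPLIST" || -L "$BLKIPLIST" || ! -O "$BLKIPLIST" ]]; then
  echo "$BLKIPLIST missing, a symlink, or not owned by this user; nothing loaded" >&2
  exit 1
fi

# Fails harmlessly when the set already exists, hence the discarded stderr.
ipset --create blacklist iphash 2>/dev/null

# One token per line, without the glob expansion that $(cat file) allowed.
# stderr is discarded because re-adding an existing entry is an error; this
# also hides real failures such as a full set.
tr -s '[:space:]' '\n' < "$BLKIPLIST" | while IFS= read -r ip; do
  [[ -n "$ip" && "$ip" != -* ]] || continue   # never pass an option-like token
  ipset --add blacklist "$ip" 2>/dev/null
done

# Look only at INPUT, where the rule is inserted. Newer iptables releases
# spell the match option --match-set instead of --set.
if ! iptables -L INPUT -n | grep -q blacklist; then
  iptables -I INPUT 1 -m set --set blacklist src -j DROP
fi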