-
I could not resist tinkering and I've split the file into two:
File 1 - place in /etc/cron.daily and make executable:
File 2 - place in /etc/clearos/firewall.d/, call it something like 10-ET_IP_Blocks and make it executable:
Significant changes on the initial program:
1 - Updates nightly without restarting the firewall
2 - loads ip_set module if necessary
3 - allows logging to be turned off
4 - stop echoing to screen (otherwise cron sends you a message every time the program runs)
5 - quietened down various commands using inbuilt features rather than redirecting to /dev/null
6 - The firewall logs blocked packets to /var/log/messages
Prerequisites: you must have wget and ipset installed.
[edit]
Stupid forum killing tabs! If you want to see the indenting, hit quote and copy from that.
[/edit]
[edit 25 Frb 14]
Small code fix
[/edit] -