Hello David,

On Fri, 31 Oct 2003 08:52:52 -0500
"David C. Hart" <DCH@xxxxxxxxxxx> wrote:

> This creates an ad server s*list in IPTables.
>

I wrote a script around this URL to set my rules to the actual
content of this list of ad servers.
In my FORWARD chain the line

    iptables -A FORWARD -p tcp -m multiport --dports 80,8080,443 -j adservers

does the rerouting of the packets to the adservers chain.

Jörg

--
Jörg Schütter                http://www.lug-untermain.de/
joerg@xxxxxxxxxxxxx          http://www.schuetter.org/joerg/
ICQ: 298982789               http://mypenguin.bei.t-online.de/

#! /bin/sh
#
# reject_adservers
# This script adds reject rules to the chain adservers
# for every "known" ad server
# Author: Joerg Schuetter <joerg@xxxxxxxxxxxxx>

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/sbin/iptables
NAME=reject_adservers
DESC="iptables chain to reject adservers"

test -x $DAEMON || exit 0

set -e

case "$1" in
  start)
    echo -n "Starting $DESC: $NAME"
    # Fetch the plain-text list and keep only lines that look like a
    # dotted quad; the adservers chain must already exist.
    for i in `lynx --source 'http://pgl.yoyo.org/adservers/iplist.php?ipformat=plain&showintro=1&mimetype=plaintext' | grep -E "^[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+$"`; do
        iptables -A adservers -d $i -j REJECT
        echo -n "."
    done
    echo "."
    ;;
  stop)
    echo -n "Stopping $DESC: $NAME "
    # Remove every rule from the chain
    iptables -F adservers
    echo "."
    ;;
  status)
    echo "Status of $NAME"
    # Print packet count, byte count and destination for rules that matched
    iptables -L adservers -n -v | awk '{print $1 " " $2 " " $9;}' | \
        grep "^[0-9]" | grep -v "^0 " | sort -n
    echo "."
    ;;
  *)
    N=/etc/init.d/$NAME
    echo "Usage: $N {start|stop|status}" >&2
    exit 1
    ;;
esac

exit 0
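
Added example, not part of the message or script above: the script feeds a list fetched over plain HTTP straight into firewall rules, and its grep accepts any digits between the dots. This sketch validates each line strictly, drops private and loopback ranges, and emits iptables-restore input for the adservers chain; the function names valid_public_ipv4 and build_adservers_ruleset are hypothetical and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example, not the original reject_adservers script.

# valid_public_ipv4 ADDR: succeed only for a strict dotted quad that is
# safe to place in a REJECT rule.
valid_public_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # digits and single dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    # Refuse ranges a tampered list could use to cut off local traffic:
    # 0/8, 10/8, 127/8, 169.254/16, 172.16/12, 192.168/16, 224/3.
    case "$1" in 0|10|127) return 1 ;; esac
    [ "$1" -ge 224 ] && return 1
    [ "$1" -eq 169 ] && [ "$2" -eq 254 ] && return 1
    [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 1
    [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 1
    return 0
}

# build_adservers_ruleset: candidate list on stdin, iptables-restore
# input for the adservers chain on stdout (invalid lines are dropped).
build_adservers_ruleset() {
    echo '*filter'
    echo ':adservers - [0:0]'
    tr -d '\r' | LC_ALL=C sort -u | while IFS= read -r ip; do
        if valid_public_ipv4 "$ip"; then
            echo "-A adservers -d $ip/32 -j REJECT"
        fi
    done
    echo 'COMMIT'
}

# Constructed sample input (documentation addresses plus bad lines).
printf '%s\n' 203.0.113.7 198.51.100.20 203.0.113.7 999.1.1.1 \
    10.0.0.1 010.1.2.3 '<html>' '198.51.100.20; reboot' |
    build_adservers_ruleset
```

Piping the output to `iptables-restore --noflush` applies the chain in a single commit instead of one `iptables -A` call per address; running it with `--test` first parses the ruleset without committing it.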