@movalex
Forked from jhochwald/Blcoker_update.sh
Last active April 17, 2018 07:19
Cron to update the IPTables Blocker
#!/usr/bin/env bash
# Cron to update the IPTables Blocker
# Now works with Raspberry Pi Raspbian Jessie
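# Define some defaults
IPTABLES='/sbin/iptables'
# Work in a private directory: this runs as root, so avoid predictable file names in /tmp
WORKDIR="$(/bin/mktemp -d)" || exit 1
trap '/bin/rm -rf "$WORKDIR"' EXIT
BLOCKLIST="$WORKDIR/enatec_blocked.txt"
# Get the latest lists (-f: do not save an HTTP error page as if it were a list)
# The first feed is fetched over plain HTTP, so its content is not authenticated
/usr/bin/nice -n20 /usr/bin/curl -sf --compressed http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt -o "$WORKDIR/emerging-Block-IPs.txt"
/usr/bin/nice -n20 /usr/bin/curl -sf --compressed https://www.blocklist.de/downloads/export-ips_ssh.txt -o "$WORKDIR/export-ips_ssh.txt"
/usr/bin/nice -n20 /usr/bin/curl -sf --compressed https://www.blocklist.de/downloads/export-ips_postfix.txt -o "$WORKDIR/export-ips_postfix.txt"
# Merge them; a feed that failed to download is simply missing
/bin/cat "$WORKDIR/emerging-Block-IPs.txt" "$WORKDIR/export-ips_ssh.txt" "$WORKDIR/export-ips_postfix.txt" > "$WORKDIR/enatec_blocked_temp.txt" 2>/dev/null
# Create the long (big) list: keep only lines that are exactly an IPv4 address or CIDR block
/usr/bin/tr -d '\r' < "$WORKDIR/enatec_blocked_temp.txt" | /usr/bin/nice -n20 /bin/grep -E '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(/[0-9]{1,2})?$' | /usr/bin/sort -u > "$BLOCKLIST"
# Cleanup
/bin/rm "$WORKDIR/enatec_blocked_temp.txt"
# Leave the current rules alone if nothing usable was downloaded
[ -s "$BLOCKLIST" ] || exit 1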
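# Taken from http://rules.emergingthreats.net/fwrules/emerging-IPTABLES-ALL.rules
# Cron runs this repeatedly: create each chain only if it is missing, otherwise flush it,
# and insert each jump only once, so rules do not pile up from run to run.
# The list is not enforced for the short time between the flush and the reload.
$IPTABLES -N ETBLOCKLIST 2>/dev/null || $IPTABLES -F ETBLOCKLIST
$IPTABLES -C FORWARD -j ETBLOCKLIST 2>/dev/null || $IPTABLES -I FORWARD 1 -j ETBLOCKLIST
$IPTABLES -C INPUT -j ETBLOCKLIST 2>/dev/null || $IPTABLES -I INPUT 1 -j ETBLOCKLIST
$IPTABLES -N LOGNDROP 2>/dev/null || $IPTABLES -F LOGNDROP
#$IPTABLES -A LOGNDROP -j LOG --log-level INFO --log-prefix "ET BLOCK: "
$IPTABLES -A LOGNDROP -j DROP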
# Now fire it up
while read -r line
do
    Badguy="$line"
    # Quote the address so a malformed list entry cannot be split into extra iptables arguments
    $IPTABLES -A ETBLOCKLIST -p ALL --src "$Badguy" -j LOGNDROP
done < "$BLOCKLIST"
# Cleanup
/bin/rm "$BLOCKLIST"
# Done