yanistyle/AS_Network_List
1
0
Fork 0
mirror of https://github.com/C24Be/AS_Network_List.git synced 2026-03-30 22:28:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

some fixes

Browse Source
This commit is contained in:
C24Be
2026-03-26 09:26:41 +01:00
parent 849e96a16d
commit 011efe4bcb
10 changed files with 25 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
blacklists_updater_nftables.sh
View File

@@ -18,8 +18,8 @@ VK_INPUT_FILE="$SCRIPT_DIR/blacklists/blacklist-vk.txt"
VK_INPUT_V4_FILE="$SCRIPT_DIR/blacklists/blacklist-vk-v4.txt"
VK_INPUT_V6_FILE="$SCRIPT_DIR/blacklists/blacklist-vk-v6.txt"
# Create output directory if it doesn't exist
mkdir -p "$OUTPUT_DIR"
# Create required directories if they don't exist
mkdir -p "$OUTPUT_DIR" "$SCRIPT_DIR/blacklists"
echo "Generating nftables blacklists..."
@@ -34,11 +34,6 @@ grep ':' "$VK_INPUT_FILE" | sort -u > "$VK_INPUT_V6_FILE" || true
grep -v ':' "$VK_INPUT_FILE" | sort -u > "$VK_INPUT_V4_FILE" || true
rm -f "$TMP_VK_FILE"
# Generate mixed IPv4/IPv6 blacklist
python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
"$INPUT_FILE" \
"$OUTPUT_DIR/blacklist.nft"
# Generate IPv4-only blacklist
TMP_V4_FILE="/tmp/blacklist-v4.txt"
TMP_V6_FILE="/tmp/blacklist-v6.txt"
@@ -54,9 +49,6 @@ python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
"$OUTPUT_DIR/blacklist-v6.nft"
# Generate VK-only blacklists (network names: VK Cloud / VKCOMPANY / VKONTAKTE)
python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
"$VK_INPUT_FILE" \
"$OUTPUT_DIR/blacklist-vk.nft"
python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
"$VK_INPUT_V4_FILE" \
"$OUTPUT_DIR/blacklist-vk-v4.nft"
@@ -64,19 +56,24 @@ python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
"$VK_INPUT_V6_FILE" \
"$OUTPUT_DIR/blacklist-vk-v6.nft"
# Remove deprecated mixed summary files if they exist
rm -f "$OUTPUT_DIR/blacklist.nft" "$OUTPUT_DIR/blacklist-vk.nft"
# Clean up temp files
rm -f "$TMP_V4_FILE" "$TMP_V6_FILE"
echo "nftables blacklists generated successfully!"
echo ""
echo "VM incoming block examples (all lists, nftables):"
echo " sudo nft -f $OUTPUT_DIR/blacklist.nft"
echo " sudo nft -f $OUTPUT_DIR/blacklist-v4.nft"
echo " sudo nft -f $OUTPUT_DIR/blacklist-v6.nft"
echo " sudo nft add chain inet filter input '{ type filter hook input priority 0; policy accept; }'"
echo " sudo nft add rule inet filter input ip saddr @blacklist_v4 counter reject"
echo " sudo nft add rule inet filter input ip6 saddr @blacklist_v6 counter reject"
echo ""
echo "VK outbound block examples for VPN clients via NAT (nftables):"
echo " sudo nft -f $OUTPUT_DIR/blacklist-vk.nft"
echo " sudo nft -f $OUTPUT_DIR/blacklist-vk-v4.nft"
echo " sudo nft -f $OUTPUT_DIR/blacklist-vk-v6.nft"
echo " sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy accept; }'"
echo " sudo nft add rule inet filter forward iifname \"<VPN_IFACE>\" ip daddr @blacklist_v4 counter reject"
echo " sudo nft add rule inet filter forward iifname \"<VPN_IFACE>\" ip6 daddr @blacklist_v6 counter reject"