yanistyle/AS_Network_List
1
0
Fork 0
mirror of https://github.com/C24Be/AS_Network_List.git synced 2026-04-08 02:21:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

New VK Exclude rules

Browse Source
This commit is contained in:
C24Be
2026-04-06 17:55:22 +02:00
parent ccf0daf829
commit 2be4631e02
6 changed files with 99 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
blacklists_updater_iptables.sh
View File

@@ -1,22 +1,7 @@
#!/bin/sh
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
# Input files (generated by blacklists_updater_txt.sh)
blacklist_file="${SCRIPT_DIR}/blacklists/blacklist.txt"
blacklist_v4_file="${SCRIPT_DIR}/blacklists/blacklist-v4.txt"
blacklist_v6_file="${SCRIPT_DIR}/blacklists/blacklist-v6.txt"
# Source files for name-based VK filtering
auto_all_v4_file="${SCRIPT_DIR}/auto/all-ru-ipv4.txt"
auto_all_v6_file="${SCRIPT_DIR}/auto/all-ru-ipv6.txt"
auto_ripe_v4_file="${SCRIPT_DIR}/auto/ripe-ru-ipv4.txt"
vk_name_pattern='vk[[:space:]-]*cloud|vkcompany|vkontakte'
# Additional VK-only text blacklists
blacklist_vk_file="${SCRIPT_DIR}/blacklists/blacklist-vk.txt"
blacklist_vk_v4_file="${SCRIPT_DIR}/blacklists/blacklist-vk-v4.txt"
blacklist_vk_v6_file="${SCRIPT_DIR}/blacklists/blacklist-vk-v6.txt"
. "${SCRIPT_DIR}/blacklists_updater_common.subr"
# Output directory and files
iptables_output_dir="${SCRIPT_DIR}/blacklists_iptables"
@@ -26,18 +11,8 @@ iptables_vk_v4_output_file="${iptables_output_dir}/blacklist-vk-v4.ipset"
iptables_vk_v6_output_file="${iptables_output_dir}/blacklist-vk-v6.ipset"
# Create required directories if they don't exist
mkdir -p "${iptables_output_dir}" "${SCRIPT_DIR}/blacklists"
# Build additional VK-only blacklist from network names in auto/*.txt files
tmp_vk_file="$(mktemp "${SCRIPT_DIR}/blacklists/.blacklist-vk.XXXXXX")"
for source_file in "${auto_all_v4_file}" "${auto_all_v6_file}" "${auto_ripe_v4_file}"; do
[ -f "${source_file}" ] || continue
awk -v pattern="${vk_name_pattern}" 'tolower($0) ~ pattern { print $1 }' "${source_file}" >> "${tmp_vk_file}"
done
sort -u "${tmp_vk_file}" > "${blacklist_vk_file}"
grep ':' "${blacklist_vk_file}" | sort -u > "${blacklist_vk_v6_file}" || true
grep -v ':' "${blacklist_vk_file}" | sort -u > "${blacklist_vk_v4_file}" || true
rm -f "${tmp_vk_file}"
mkdir -p "${iptables_output_dir}" "${BLACKLISTS_DIR}"
build_vk_name_blacklists
# Function to generate ipset config from input file
generate_ipset_config() {
@@ -99,10 +74,10 @@ EOF
}
# Generate ipset configurations from blacklist files
generate_ipset_config "${blacklist_v4_file}" "${iptables_v4_output_file}" "(IPv4 only)" "blacklist-v4" "inet"
generate_ipset_config "${blacklist_v6_file}" "${iptables_v6_output_file}" "(IPv6 only)" "blacklist-v6" "inet6"
generate_ipset_config "${blacklist_vk_v4_file}" "${iptables_vk_v4_output_file}" "(VK names, IPv4 only)" "blacklist-vk-v4" "inet"
generate_ipset_config "${blacklist_vk_v6_file}" "${iptables_vk_v6_output_file}" "(VK names, IPv6 only)" "blacklist-vk-v6" "inet6"
generate_ipset_config "${BLACKLIST_V4_FILE}" "${iptables_v4_output_file}" "(IPv4 only)" "blacklist-v4" "inet"
generate_ipset_config "${BLACKLIST_V6_FILE}" "${iptables_v6_output_file}" "(IPv6 only)" "blacklist-v6" "inet6"
generate_ipset_config "${BLACKLIST_VK_V4_FILE}" "${iptables_vk_v4_output_file}" "(VK names, IPv4 only)" "blacklist-vk-v4" "inet"
generate_ipset_config "${BLACKLIST_VK_V6_FILE}" "${iptables_vk_v6_output_file}" "(VK names, IPv6 only)" "blacklist-vk-v6" "inet6"
echo ""
echo "VK outgoing block examples (iptables/ipset):"