mirror of
https://github.com/C24Be/AS_Network_List.git
synced 2026-01-24 23:26:38 +03:00
a3a5ec2ea8
* Add nftables support with config generator and IP checker - Add generate_nft_blacklist.py for generating nftables configurations - Add check_nft_blacklist.py for verifying IPs against blacklist - Add blacklists_updater_nftables.sh for automated updates - Add blacklists_nftables/ directory with generated configs - Add GitHub Actions workflow for daily nftables updates - Update README.md with nftables usage instructions nftables is a modern replacement for iptables with better performance and lower memory usage, especially for large rulesets. This addition complements the existing iptables and nginx blacklist formats. * Added nftables scripts help
36 lines
1.0 KiB
Bash
Executable File
36 lines
1.0 KiB
Bash
Executable File
#!/bin/bash
|
|
# Generates nftables blacklist configurations from the main blacklist
|
|
|
|
set -e
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
INPUT_FILE="$SCRIPT_DIR/blacklists/blacklist.txt"
|
|
OUTPUT_DIR="$SCRIPT_DIR/blacklists_nftables"
|
|
|
|
# Create output directory if it doesn't exist
|
|
mkdir -p "$OUTPUT_DIR"
|
|
|
|
echo "Generating nftables blacklists..."
|
|
|
|
# Generate mixed IPv4/IPv6 blacklist
|
|
python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
|
|
"$INPUT_FILE" \
|
|
"$OUTPUT_DIR/blacklist.nft"
|
|
|
|
# Generate IPv4-only blacklist
|
|
grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' "$INPUT_FILE" > /tmp/blacklist-v4.txt || true
|
|
python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
|
|
/tmp/blacklist-v4.txt \
|
|
"$OUTPUT_DIR/blacklist-v4.nft"
|
|
|
|
# Generate IPv6-only blacklist
|
|
grep -E '^[0-9a-fA-F:]+:' "$INPUT_FILE" > /tmp/blacklist-v6.txt || true
|
|
python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
|
|
/tmp/blacklist-v6.txt \
|
|
"$OUTPUT_DIR/blacklist-v6.nft"
|
|
|
|
# Clean up temp files
|
|
rm -f /tmp/blacklist-v4.txt /tmp/blacklist-v6.txt
|
|
|
|
echo "nftables blacklists generated successfully!"
|