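#!/bin/bash
#
# Restricts this host's IPv4 firewall using an address list downloaded from
# GitHub and loaded into the ipset "shahaniran":
#   * inbound : traffic whose source is in the set is accepted, loopback and
#               established/related traffic are accepted, everything else
#               is dropped;
#   * outbound: TCP 80 and 443 towards addresses in the set is dropped.
# The resulting rules are persisted to /etc/iptables/rules.v4.
#
# Must be run as root: it rewrites the filter table and writes under /root.
#
# NOTE(review): the list is fetched from a mutable branch and nothing checks
#   its integrity. Whoever controls that file controls which sources can
#   reach this host. Entries are syntax-checked below, but their content is
#   trusted as-is; pin a commit or verify a checksum if that is a concern.
# NOTE(review): only IPv4 is configured (iptables / rules.v4). If the host
#   has an IPv6 address, its services remain reachable over IPv6.
# NOTE(review): `iptables -F` discards every existing filter rule, including
#   rules installed by other tools on this host.

readonly LIST_URL='https://raw.githubusercontent.com/HamedAp/Ssh-User-management/main/iranip.txt'
readonly LIST_FILE='/root/iranip.txt'
readonly SET_NAME='shahaniran'
readonly STAGING_SET='shahaniran_new'

# Print a message on stderr and stop; used before the firewall is modified.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

clear

(( EUID == 0 )) || die "This script must be run as root."

# Collect every "Port N" directive from sshd_config. An empty or malformed
# value must never reach `--dport`, so only 1-65535 is accepted; with no
# directive at all, sshd listens on 22.
ports=()
while read -r keyword value _ || [[ -n "$keyword" ]]; do
  if [[ "$keyword" == "Port" && "$value" =~ ^[0-9]{1,5}$ ]] \
    && (( 10#$value >= 1 && 10#$value <= 65535 )); then
    ports+=("$value")
  fi
done < /etc/ssh/sshd_config
(( ${#ports[@]} > 0 )) || ports=(22)

sudo apt install libtext-csv-xs-perl libmoosex-types-netaddr-ip-perl iptables-persistent ipset -y \
  || die "Package installation failed; firewall left unchanged."

# Download to a temporary file so a failed or truncated transfer can neither
# replace the previous list nor be loaded into the firewall.
tmp_list=$(mktemp) || die "Could not create a temporary file."
trap 'rm -f -- "$tmp_list"' EXIT
sudo wget -4 -O "$tmp_list" "$LIST_URL" \
  || die "Download of the address list failed; firewall left unchanged."

# Keep only lines that look like an IPv4 address or CIDR block. Anything
# else (extra words, option-like tokens) is skipped instead of being passed
# to ipset as additional arguments.
cidr_re='^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
networks=()
while read -r line || [[ -n "$line" ]]; do
  line=${line%$'\r'}
  [[ -z "$line" || "$line" == \#* ]] && continue
  if [[ "$line" =~ $cidr_re ]]; then
    networks+=("$line")
  else
    printf 'Skipping malformed list entry: %q\n' "$line" >&2
  fi
done < "$tmp_list"

# An empty allow-list followed by the final INPUT DROP would cut off all new
# connections, SSH included, so stop before touching the firewall.
(( ${#networks[@]} > 0 )) \
  || die "Address list contains no valid entries; firewall left unchanged."

sudo install -m 0644 -- "$tmp_list" "$LIST_FILE" \
  || die "Could not write $LIST_FILE."

# Fill a staging set and swap it in, so rules left over from an earlier run
# never match against a half-loaded set. -exist makes re-runs idempotent.
ipset create "$SET_NAME" hash:net -exist || die "Could not create ipset $SET_NAME."
ipset create "$STAGING_SET" hash:net -exist || die "Could not create ipset $STAGING_SET."
ipset flush "$STAGING_SET"
for net in "${networks[@]}"; do
  ipset add "$STAGING_SET" "$net" -exist \
    || printf 'ipset rejected entry: %s\n' "$net" >&2
done
ipset swap "$STAGING_SET" "$SET_NAME" || die "Could not activate the new address set."
ipset destroy "$STAGING_SET"

iptables -F
# The two per-port rules are subsumed by the broader set rules that follow;
# they are kept so the saved ruleset shows the SSH ports explicitly.
iptables -A INPUT -p tcp --dport 22 -m set --match-set "$SET_NAME" src -j ACCEPT
for port in "${ports[@]}"; do
  iptables -A INPUT -p tcp --dport "$port" -m set --match-set "$SET_NAME" src -j ACCEPT
done
iptables -A INPUT -p tcp -m set --match-set "$SET_NAME" src -j ACCEPT
iptables -A INPUT -m set --match-set "$SET_NAME" src -j ACCEPT
#iptables -A OUTPUT -m set --match-set shahaniran src -j DROP
iptables -A OUTPUT -p tcp --dport 443 -m set --match-set "$SET_NAME" dst -j DROP
iptables -A OUTPUT -p tcp --dport 80 -m set --match-set "$SET_NAME" dst -j DROP
# Replies to connections this host already has open stay allowed.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
# Final rule: every other inbound packet is dropped.
iptables -A INPUT -j DROP

sudo iptables-save | sudo tee /etc/iptables/rules.v4
clear
echo "Blocked Iran Ip :)"
echo "Blocked Panel From Outside :)"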