Skip to content

Commit

Permalink
use ipset improve performace
Browse files Browse the repository at this point in the history
  • Loading branch information
@dawei101
dawei101 committed Nov 28, 2022
1 parent f4e6971 commit bb1436e
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions iptables.sh
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,3 @@
iptables -D FORWARD -j ANTI-PORN
iptables -F ANTI-PORN
iptables -X ANTI-PORN

iptables -N ANTI-PORN

echo > /tmp/ips

Expand All @@ -17,7 +12,12 @@ while read -r line; do
block $line &
done < /tmp/domains.txt

cat /tmp/ips | sort | uniq | xargs -I % iptables -A ANTI-PORN -d % -j DROP
sleep 2

iptables -D FORWARD -m set --match-set porn-ipset src -j DROP
ipset destroy porn-ipset

iptables -I FORWARD 1 -j ANTI-PORN
cat /tmp/ips | sort | uniq | wc -l | xargs -I % ipset create porn-ipset hash:ip maxelem %
cat /tmp/ips | sort | uniq | xargs -I % ipset add porn-ipset %

iptables -I FORWARD 1 -m set --match-set porn-ipset src -j DROP

0 comments on commit bb1436e

Please sign in to comment.