#!/bin/bash
URL="http://www.spamhaus.org/drop/drop.lasso"
drop=/tmp/drop.lasso.$$.$RANDOM
trap "rm -f $drop" EXIT
echo -n "Applying DROP list to existing firewall..."
wget -q -O $drop $URL
blocks=$(cat $drop | egrep -v '^;' | while read line ; do echo ${line%%;*} ; done)
...

Where regular_rules is a file containing all your standard iptables rules that you want to add the spamhaus rules to each day.

Not sure if i should stop and start the iptables service, i don’t currently, but i guess it’s an easy addition… Thanks for the script…

Just run the script a few times and see.
1st run iptables rules count: 365
2nd run: 592
3rd run: 865

This will only block bad guyes and not ssh, until and unless your IP is one of them ;)

This article states specifically

you need to run on Linux based firewall / router / dedicated Linux web / mail server

My server is doing everything and it’s brother. Is this going to affect all the other crap this box is doing (well, specifically ssh)?

thanks for sharing shorewall script.

#!/bin/sh
#
# Drop all these bad IP's
#
TMPFILE=/tmp/`apg -a 1 -M nc -n 1 -m 26`
touch $TMPFILE
curl -s http://www.spamhaus.org/drop/drop.lasso |grep ^[1-9]|cut -f 1 -d ' ' > $TMPFILE
for IP in `cat $TMPFILE`; do
/sbin/shorewall drop $IP
sleep 5
done
rm $TMPFILE

The sleep statement helps the process from hogging all server resources….

Set this to run via cron twice daily – prefer to be a little paranoid in case of mid-day updates :)

You are dropping all incoming traffic from bad guys .

If so, does that add much benefit?

Yes you need to update or add those ips to null0.