ipset+iptables添加黑名单列表

#!/bin/bash

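# Rebuild the "blacklist" ipset from filter.txt (whitespace-separated
# addresses, looked up in the current working directory).
#
# The new contents are loaded into a staging set and swapped in. The live set
# is therefore never empty during a reload, and an unreadable filter.txt
# leaves the current blacklist in force instead of clearing it.
# NOTE: hash:ip defaults to family inet, so IPv6 sources are not covered.
list_file=filter.txt
live_set=blacklist
staging_set=blacklist_staging

# -exist makes create a no-op when the set is already there. This replaces the
# substring grep on `ipset list`, which also matched other sets whose name
# contains "blacklist".
ipset create "$live_set" hash:ip -exist

if [[ ! -r "$list_file" ]]; then
    printf 'warning: cannot read %s; %s left unchanged\n' \
        "$list_file" "$live_set" >&2
elif ! { ipset create "$staging_set" hash:ip -exist &&
         ipset flush "$staging_set"; }; then
    printf 'warning: cannot prepare %s; %s left unchanged\n' \
        "$staging_set" "$live_set" >&2
else
    # read -a splits each line on whitespace like the old `cat` loop did, but
    # without glob expansion; the || clause keeps a last line that has no
    # trailing newline.
    while read -r -a fields || (( ${#fields[@]} )); do
        for entry in "${fields[@]}"; do
            # File contents must never be parsed as ipset options.
            if [[ "$entry" == -* ]]; then
                printf 'warning: skipped entry starting with "-": %s\n' \
                    "$entry" >&2
                continue
            fi
            # A rejected entry is reported and skipped, so one bad line does
            # not abort the whole reload.
            ipset add "$staging_set" "$entry" -exist ||
                printf 'warning: ipset rejected entry: %s\n' "$entry" >&2
        done
    done < "$list_file"

    # swap exchanges the contents of the two sets in one step; it fails if an
    # existing live set was created with a different type.
    ipset swap "$staging_set" "$live_set" ||
        printf 'warning: swap failed; %s left unchanged\n' "$live_set" >&2
    ipset destroy "$staging_set"
fi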

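# Install the DROP rule for the blacklist set exactly once.
#
# `iptables -C` tests for this exact rule in INPUT. The previous grep over
# `iptables -nvL` matched the word "blacklist" in any chain, so an unrelated
# rule could cause this one to be skipped and leave the set unenforced.
# stderr is discarded on the check only, because -C reports an error when the
# rule is absent, which is the expected case on first run.
#
# NOTE: only TCP is dropped; UDP and ICMP from listed sources still pass.
# NOTE: neither the rule nor the set survives a reboot unless saved separately.
if ! iptables -C INPUT -m set --match-set blacklist src -p tcp -j DROP 2>/dev/null; then
    iptables -I INPUT -m set --match-set blacklist src -p tcp -j DROP
fi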

 
