summaryrefslogtreecommitdiffstats
path: root/torblock.sh
blob: a0265560127fd063d7a6f06b91468a0522847e94 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
#!/bin/bash

set -e

get_ips() {
	curl -sSL "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$(curl -s icanhazip.com | grep_ip)" | sed '/^#/d' | grep_ip
}

grep_ip() {
	grep -Eo "([0-9]{1,3}[\.]){3}[0-9]{1,3}"
}

ipset flush tor || true
ipset create -exist tor iphash

get_ips | sed 's#^#add tor #' | ipset restore

iptables -I INPUT -m set --match-set tor src -j REJECT --reject-with icmp-admin-prohibited