We use cookies to ensure you get the best experience on our website
Home Explore Help
Sign In
mirror
/
bash-linux-utils
mirror of https://github.com/vladimirok5959/bash-linux-utils.git
2
0
Fork 0
Files Wiki
Tree: 358c493675
Branches Tags
bash-linux-util...
/
iptables-http-cloudflare

iptables-http-cloudflare 712 B
History Raw

12345678910111213141516171819202122232425 
  1. #!/bin/bash
    2. 

  2. 

  3. # Clear rules
    4. 

  4. /usr/local/bin/iptables-http-clear
    5. 

  5. 

  6. # Download IP list to temp file
    7. 

  7. /usr/bin/wget "https://www.cloudflare.com/ips-v4" -O /tmp/ipslist.txt
    8. 

  8. 

  9. # Deny all requests to port 80 from all
    10. 

  10. /sbin/iptables -I INPUT -p tcp -s 0.0.0.0/0 --dport 80 -j REJECT --reject-with tcp-reset
    11. 

  11. 

  12. # Allow requests from www.cloudflare.com
    13. 

  13. while read ip; do
    14. 

  14. 	if [ "$ip" != "" ]; then
    15. 

  15. 		/sbin/iptables -I INPUT -p tcp -s $ip --dport 80 -j ACCEPT
    16. 

  16. 	fi
    17. 

  17. done < /tmp/ipslist.txt
    18. 

  18. 

  19. # Allow from our servers
    20. 

  20. # /sbin/iptables -I INPUT -p tcp -s 127.0.0.1 --dport 80 -j ACCEPT
    21. 

  21. # /sbin/iptables -I INPUT -p tcp -s 127.0.0.2 --dport 80 -j ACCEPT
    22. 

  22. # Where "127.0.0.1" is our server IP
    23. 

  23. 

  24. # Remove temp file
    25. 

  25. /bin/rm /tmp/ipslist.txt
    26.