#!/bin/bash
# A Nginx Shell Script To Block Spamhaus Lasso Drop Spam IP Address
# Run this script once a day and drop all spam network IPs (netblock) with http 403 client error.
# The script will get executed every day via /etc/cron.daily (make sure crond
# is running).
# -------------------------------------------------------------------------
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Jan/11/2010
# -------------------------------------------------------------------------
# 
# include drop.lasso.conf;
#
# tmp file
FILE="/tmp/drop.lasso.txt.$$"
 
# nginx config file - path to nginx drop conf file
OUT=/etc/nginx/drop.lasso.conf
 
URLS=(
    "https://www.spamhaus.org/drop/drop.txt"
    "https://www.spamhaus.org/drop/edrop.txt"
    "https://www.spamhaus.org/drop/dropv6.txt"
)

# reload command
NGINX="/etc/init.d/nginx reload"
 
# remove old file
[[ -f $FILE ]] && /bin/rm -f $FILE
 
# emply nginx deny file
>$OUT
 
# get database
for i in "${URLS[@]}"
do
    curl "$i" >> $FILE
done
 
# format in nginx deny netblock; format
/bin/egrep -v '^;' $FILE  | awk '{ print "deny " $1";"}' >>$OUT
 
# reload nginx
/bin/sync && ${NGINX}