Commit d192cc02 authored by Vitaly Lipatov's avatar Vitaly Lipatov

update_z-i.sh: improve

parent 3ee22a99
#!/bin/sh #!/bin/sh
# Usage: --show|--force
cd $(dirname "$(realpath "$0")") || exit #" cd $(dirname "$(realpath "$0")") || exit #"
SETNAME=rkz SETNAME=rkz
TMPNAME=rkz.ntmp TMPNAME=rkz.ntmp
MAXELEM=200000 MAXELEM=5000000
IFACE=breth0 IFACE=breth0
# hash:ip # hash:ip
IPSTYPE=hash:net IPSTYPE=hash:net
if [ "$1" = "--show" ] ; then if [ "$1" = "--show" ] ; then
echo "iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark 5" echo "Example:"
echo "# iptables -t mangle -A PREROUTING -i $IFACE -m set --match-set $SETNAME dst -j MARK --set-mark 5"
echo "ipset list size: $(ipset list $SETNAME | wc -l)"
exit exit
fi fi
# download new list # download new list
./get_ips_z-i.sh | grep -v HASH > $0.list ./get_ips_z-i.sh | grep -v HASH > $0.list
if [ ! -s "$0.list" ] ; then
echo "$0.list is empty"
exit 1
fi
FIRSTRUN=''
ipset list -n | grep -q "^$SETNAME$" || FIRSTRUN='1'
if [ -s "$0.list.old" ] ; then if [ -s "$0.list.old" ] ; then
# just return if there are no changes # just return if there are no changes
diff -u $0.list.old $0.list >$0.list.changes.tmp && exit diff -u $0.list.old $0.list >$0.list.changes.tmp && [ "$FIRSTRUN" != '1' ] && [ "$1" != "--force" ] && exit
echo >>$0.list.changes echo >>$0.list.changes
date >>$0.list.changes date >>$0.list.changes
cat $0.list.changes.tmp | grep "^[+-]" >>$0.list.changes cat $0.list.changes.tmp | grep "^[+-]" >>$0.list.changes
...@@ -29,8 +42,6 @@ fi ...@@ -29,8 +42,6 @@ fi
ipset -exist create $SETNAME $IPSTYPE maxelem $MAXELEM ipset -exist create $SETNAME $IPSTYPE maxelem $MAXELEM
# something like clean
ipset -exist destroy $TMPNAME
# Obsoleted element by element # Obsoleted element by element
...@@ -40,13 +51,17 @@ ipset -exist destroy $TMPNAME ...@@ -40,13 +51,17 @@ ipset -exist destroy $TMPNAME
# ipset add $SETNAME.tmp $ip # ipset add $SETNAME.tmp $ip
#done #done
# clean before use
ipset destroy $TMPNAME 2>/dev/null
# Use single ipset run (see https://bugs.etersoft.ru/show_bug.cgi?id=12353) # Use single ipset run (see https://bugs.etersoft.ru/show_bug.cgi?id=12353)
( echo "create $TMPNAME $IPSTYPE hashsize 65536 maxelem $MAXELEM" ; \ ( echo "create $TMPNAME $IPSTYPE hashsize 65536 maxelem $MAXELEM" ; \
cat $0.list | grep -v "^$" | sed -e "s|^|add $TMPNAME |" ) | ipset -exist restore cat $0.list | grep -v "^$" | grep -v ":" | sed -e "s|^|add $TMPNAME |" ) | ipset -exist restore
#ipset list $TMPNAME >$0.list ipset list $TMPNAME >$0.ipv4
ipset list $TMPNAME | wc -l >$0.count ipset list $TMPNAME | wc -l >$0.count
ipset list $TMPNAME | grep "/" >$0.subnet ipset list $TMPNAME | grep "/" >$0.subnet
cat $0.list | grep ":" >$0.skipped.ipv6
ipset swap $TMPNAME $SETNAME ipset swap $TMPNAME $SETNAME
mv $0.list $0.list.old mv $0.list $0.list.old
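Review bot: The exit status of `ipset -exist restore` is still not checked before `ipset swap $TMPNAME $SETNAME`, so a restore that stops partway (a malformed line in the downloaded list, or more entries than `maxelem`) would likely leave a partial temporary set that is swapped into the live `$SETNAME` and then recorded as applied by `mv $0.list $0.list.old`. The new `[ ! -s "$0.list" ]` guard only rejects an empty download; a truncated but non-empty list still passes, and the following run sees no diff and exits early, so the reduced set stays in place. I would stop before the swap when the restore fails, for example by ending the pipeline with `| ipset -exist restore || exit 1`, and consider refusing the swap when the new list is much shorter than `$0.list.old`. The script continues past the lines visible here, so any later handling is not shown.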