Introduce new List of Known Bad IP Address

2025-09-02 18:50:13 +00:00 · 2018-06-28 15:58:30 +02:00 · 2018-06-28 15:58:30 +02:00 · 4f3e457428
commit 4f3e457428
parent 2a3bc40f73
5 changed files with 104 additions and 10 deletions
--- a/.dev-tools/generate-blacklist.sh
+++ b/.dev-tools/generate-blacklist.sh
@ -57,16 +57,18 @@ _now="$(date)"
 # Specify input lists for the generator
 # *************************************

-_input1=$TRAVIS_BUILD_DIR/_generator_lists/good-user-agents.list
-_input2=$TRAVIS_BUILD_DIR/_generator_lists/allowed-user-agents.list
-_input3=$TRAVIS_BUILD_DIR/_generator_lists/limited-user-agents.list
-_input4=$TRAVIS_BUILD_DIR/_generator_lists/bad-user-agents.list
-_input5=$TRAVIS_BUILD_DIR/.dev-tools/referrers-regex-format.txt
-_input6=$TRAVIS_BUILD_DIR/_generator_lists/google-ip-ranges.list
-_input7=$TRAVIS_BUILD_DIR/_generator_lists/bing-ip-ranges.list
-_input8=$TRAVIS_BUILD_DIR/_generator_lists/wordpress-theme-detectors.list
-_input9=$TRAVIS_BUILD_DIR/_generator_lists/nibbler-seo.list
-_input10=$TRAVIS_BUILD_DIR/_generator_lists/cloudflare-ip-ranges.list
+_input1=${TRAVIS_BUILD_DIR}/_generator_lists/good-user-agents.list
+_input2=${TRAVIS_BUILD_DIR}/_generator_lists/allowed-user-agents.list
+_input3=${TRAVIS_BUILD_DIR}/_generator_lists/limited-user-agents.list
+_input4=${TRAVIS_BUILD_DIR}/_generator_lists/bad-user-agents.list
+_input5=${TRAVIS_BUILD_DIR}/.dev-tools/referrers-regex-format.txt
+_input6=${TRAVIS_BUILD_DIR}/_generator_lists/google-ip-ranges.list
+_input7=${TRAVIS_BUILD_DIR}/_generator_lists/bing-ip-ranges.list
+_input8=${TRAVIS_BUILD_DIR}/_generator_lists/wordpress-theme-detectors.list
+_input9=${TRAVIS_BUILD_DIR}/_generator_lists/nibbler-seo.list
+_input10=${TRAVIS_BUILD_DIR}/_generator_lists/cloudflare-ip-ranges.list
+_input11=${TRAVIS_BUILD_DIR}/_generator_lists/bad-ip-addresses.list
+

 # *******************************************************
 # Declare temporary database files used during generation
@ -83,6 +85,7 @@ _inputdb7=/tmp/bing-ip-ranges.db
 _inputdb8=/tmp/wordpress-theme-detectors.db
 _inputdb9=/tmp/nibbler-seo.db
 _inputdb10=/tmp/cloudflare-ip-ranges.db
+_inputdb11=/tmp/bad-ip-addresses.db

 # **************************************************
 # Declare temporary variables used during generation
@ -100,6 +103,7 @@ _tmpnginx7=_tmpnginx7
 _tmpnginx8=_tmpnginx8
 _tmpnginx9=_tmpnginx9
 _tmpnginx10=_tmpnginx10
+_tmpnginx11=_tmpnginx11

 # *************************************************************
 # Sort all input lists alphabetically and remove any duplicates
@ -140,6 +144,8 @@ _start9="# START NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###"
 _end9="# END NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###"
 _start10="# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###"
 _end10="# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###"
+_start11="# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###"
+_end11="# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###"
 _startmarker="### VERSION INFORMATION #"
 _endmarker="### VERSION INFORMATION ##"

@ -395,6 +401,29 @@ q
 IN
 rm $_inputdb10

+# ****************************************
+# KNOWN BAD IP RANGES - Create and Insert
+# ****************************************
+
+printf '%s\n' "$_start11" >> "$_tmpnginx11"
+while IFS= read -r LINE
+do
+printf '\t%s\t\t%s\n' "${LINE}" "$_action1" >> "$_tmpnginx11"
+done < $_input11
+printf '%s\n' "$_end11"  >> "$_tmpnginx11"
+mv $_tmpnginx11 $_inputdb11
+ed -s $_inputdb11<<\IN
+1,/# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###/d
+/# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###/,$d
+,d
+.r /home/travis/build/mitchellkrogza/nginx-ultimate-bad-bot-blocker/.dev-tools/globalblacklist.template
+/# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###/x
+.t.
+.,/# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###/-d
+w /home/travis/build/mitchellkrogza/nginx-ultimate-bad-bot-blocker/.dev-tools/globalblacklist.template
+q
+IN
+rm $_inputdb11

 # *******************************************************************************
 # PRINT VERSION, SCRIPT RUNTIME and UPDATE INFORMATION INTO GLOBALBLACKLIST FILES
--- a/.dev-tools/generate-files.sh
+++ b/.dev-tools/generate-files.sh
@ -61,6 +61,7 @@ sudo chmod +x $TRAVIS_BUILD_DIR/.dev-tools/install-nginx-1.sh
 sudo chmod +x $TRAVIS_BUILD_DIR/.dev-tools/install-nginx-2.sh
 sudo chmod +x $TRAVIS_BUILD_DIR/.dev-tools/install-nginx-3.sh
 sudo chmod +x $TRAVIS_BUILD_DIR/.dev-tools/install-nginx-4.sh
+sudo chmod +x $TRAVIS_BUILD_DIR/.dev-tools/pull-data.sh

 cd $TRAVIS_BUILD_DIR

--- a/.dev-tools/globalblacklist.template
+++ b/.dev-tools/globalblacklist.template
@ -7414,6 +7414,18 @@ geo $validate_client {
 # END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
 # ******************************************************************

+# *********************************************************************************************
+# KNOWN BAD IP ADDRESSES
+# Source: https://github.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses
+# A Reliable Daily Updated List Included Below of Known Bad IP Addresses, Snoopers and Sniffers
+# *********************************************************************************************
+
+# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
+
+
+# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
+
+
 }

 # WHITELIST your own IPs from the DDOS Filter
--- a/.dev-tools/pull-data.sh
+++ b/.dev-tools/pull-data.sh
@ -0,0 +1,51 @@
+#!/bin/bash
+# Generator Script for NGinx Ultimate Bad Bot Blocker
+# REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
+# Copyright Mitchell Krog - mitchellkrog@gmail.com
+
+# *******************************
+# Input and Output File Variables
+# *******************************
+
+outputfile=${TRAVIS_BUILD_DIR}/_generator_lists/bad-ip-addresses.list
+
+# **************
+# Temp Variables
+# **************
+
+tmp=${TRAVIS_BUILD_DIR}/_generator_lists/tmp.list
+
+# **********************************************
+# Fetch our feed(s) and append to our input file
+# **********************************************
+
+fetch () {
+    sudo wget https://raw.githubusercontent.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses/master/ips.list -O ${outputfile}
+}
+
+# *************************************************
+# Prepare our input lists and remove any duplicates
+# *************************************************
+
+initiate () {
+
+    # Prepare Feed 1
+    sort -u ${outputfile} -o ${outputfile}
+    grep '[^[:blank:]]' < ${outputfile} > ${tmp}
+    sudo mv ${tmp} ${outputfile}
+	sudo dos2unix ${outputfile}
+
+}
+
+# *****************
+# Trigger Functions
+# *****************
+
+fetch
+initiate
+
+# **********************
+# Exit With Error Number
+# **********************
+
+exit ${?}
--- a/.travis.yml
+++ b/.travis.yml
@ -37,6 +37,7 @@ install:
  - sudo apt-get -y install dos2unix

 script:
+  - bash .dev-tools/pull-data.sh
  - bash .dev-tools/generate-files.sh
  - bash .dev-tools/install-nginx-1.sh
  - bash .dev-tools/run-curl-tests-1.sh