-
Notifications
You must be signed in to change notification settings - Fork 3
/
geoip2ipset.sh
52 lines (46 loc) · 1.47 KB
/
geoip2ipset.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/bin/bash
geoipfile="$1"
tag="$2"
tmpdir="/tmp/v2dat"
FW4=$(command -v fw4)
cd $(cd $(dirname $BASH_SOURCE) && pwd)
mkdir -p "$tmpdir"
filename=$(basename -- "$geoipfile")
filename="${filename%.*}"
filename="$tmpdir/${filename}_$tag.txt"
if [ "$tag" == "telegram" ]; then
wget -4 --timeout 5 -O "$filename" 'https://ghproxy.cc/https://raw.githubusercontent.com/Sereinfy/mosdns-config/main/cidr.txt'
if [ "$?" != "0" ]; then
/usr/bin/v2dat unpack geoip -o "$tmpdir" -f "$tag" "$geoipfile"
fi
else
/usr/bin/v2dat unpack geoip -o "$tmpdir" -f "$tag" "$geoipfile"
fi
if test -f "$filename"; then
if [ -n "$FW4" ]; then
nft add set inet fw4 "$tag" { type ipv4_addr\; flags interval\; auto-merge\; }
nft add set inet fw4 "${tag}6" { type ipv6_addr\; flags interval\; auto-merge\; }
nft flush set inet fw4 "$tag"
nft flush set inet fw4 "${tag}6"
fi
ipset create "$tag" hash:net -!
ipset create "${tag}6" hash:net family inet6 -!
ipset flush "$tag"
ipset flush "${tag}6"
while read p; do
if ! grep -q ":" <<< "$p"; then
if [ -n "$FW4" ]; then
nft add element inet fw4 "$tag" { "$p" }
fi
ipset add "$tag" "$p"
else
if [ -n "$FW4" ]; then
nft add element inet fw4 "${tag}6" { "$p" }
fi
ipset add "${tag}6" "$p"
fi
done <"$filename"
else
echo "$filename missing."
fi
rm -rf "$tmpdir"