Remove level3

docs/vps-firehol.md

@@ -20,7 +20,6 @@ For example:
 ```
 https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset
 https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset
-https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset
 https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_abusers_1d.netset
 ```
 
@@ -33,6 +32,34 @@ For example `/home/user/firehol/firehol.sh`:
 ```bash
 #!/bin/bash
 
+LOG="/home/quietsy/server/logs/vps_updates.txt"
+URLS=$(cat "/home/quietsy/server/firehol.conf")
+echo "Updating Firehol $(date)" >> $LOG
+
+for URL in $URLS
+do
+	echo $URL >> $LOG
+	NAME=$(basename $URL)
+	echo $NAME >> $LOG
+	FILE="/home/quietsy/server/firehol/$NAME"
+	/usr/bin/curl -s -k $URL > $FILE
+	sed -i -e 's#10.0.0.0/8##' -e 's#172.16.0.0/12##' -e 's#192.168.0.0/16##' -e 's#127.0.0.0/8##' $FILE
+	COUNT=$(/usr/bin/iprange -C $FILE)
+	COUNT=${COUNT/*,/}
+	echo $COUNT >> $LOG
+	/usr/sbin/ipset destroy $NAME > /dev/null 2>&1
+	/usr/bin/iprange $FILE --ipset-reduce 20 --ipset-reduce-entries 65535 --print-prefix "-A $NAME " > $FILE.ipset
+	/usr/sbin/ipset restore --exist --file $FILE.ipset >> $LOG
+	/usr/sbin/iptables -D FORWARD -m set --match-set $NAME src -j DROP > /dev/null 2>&1
+	/usr/sbin/iptables -D INPUT -m set --match-set $NAME src -j DROP > /dev/null 2>&1
+	/usr/sbin/iptables -D DOCKER-USER -m set --match-set $NAME src -j DROP > /dev/null 2>&1
+	/usr/sbin/iptables -I DOCKER-USER 1 -m set --match-set $NAME src -j DROP >> $LOG
+	/usr/sbin/iptables -I INPUT 1 -m set --match-set $NAME src -j DROP >> $LOG
+	/usr/sbin/iptables -I FORWARD 1 -m set --match-set $NAME src -j DROP >> $LOG
+done
+
+#!/bin/bash
+
 LOG="/home/user/firehol/firehol.log"
 URLS=$(cat "/home/user/firehol/firehol.conf")
 echo "Updating Firehol $(date)" >> $LOG