-
Notifications
You must be signed in to change notification settings - Fork 51
/
net.dshield.block.plist
24 lines (24 loc) · 1.46 KB
/
net.dshield.block.plist
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>net.dshield.block</string>
<key>Program</key>
<string>/bin/bash</string>
<key>ProgramArguments</key>
<array>
<string>/bin/bash</string>
<string>-c</string>
<string>/bin/mkdir -p /usr/local/etc ; /opt/local/bin/wget -N -P /usr/local/etc http://feeds.dshield.org/block.txt && /opt/local/bin/wget -N -P /usr/local/etc http://feeds.dshield.org/block.txt.asc && /opt/local/bin/gpg --verify /usr/local/etc/block.txt.asc /usr/local/etc/block.txt && /usr/bin/perl -ane 'use POSIX; use Data::Validate::IP; my $vip=Data::Validate::IP->new; if (/^\w*#/) { print; } elsif ($vip->is_ipv4($F[0]) & $vip->is_ipv4($F[1]) & isdigit($F[2]) & (0<= $F[2] & $F[2]<=32)) { print $F[0], "/", $F[2], "\n"; }' /usr/local/etc/block.txt > /tmp/dshield_block_ip.txt && /usr/bin/install -m 644 -g admin -S /tmp/dshield_block_ip.txt /usr/local/etc/dshield_block_ip.txt ; /bin/rm -f /tmp/dshield_block_ip.txt ; /sbin/pfctl -a blockips -T load -f /usr/local/etc/blockips.conf</string>
</array>
<key>RunAtLoad</key>
<false/>
<key>StartInterval</key>
<integer>11250</integer>
<key>StandardErrorPath</key>
<string>/var/log/pf.log</string>
<key>StandardOutPath</key>
<string>/var/log/pf.log</string>
</dict>
</plist>