modernham
commented
7 months ago I'll take a look at this and see if I can get it fixed tonight.
Open mangelot opened 7 months ago
modernham
commented
7 months ago I'll take a look at this and see if I can get it fixed tonight.
mangelot
commented
7 months ago Hi, can you take a look at following code en verify this works correctly? (I'm no python coder)
Best regards, Marco
from urllib.request import urlopen from datetime import datetime
author = "ModernHam" license = "GPLv3" FILEPATH = "/etc/pve/firewall/cluster.fw.test"
header = """[IPSET blacklist] """
def writeFile(): data = urlopen('https://lists.blocklist.de/lists/all.txt').read() # bytes body = data.decode('utf-8') file_data = header + body
newfile = [] # Reset newfile for each execution
with open(FILEPATH, 'r+') as file:
lines = file.readlines()
file.seek(0) # Move the file pointer to the beginning
ipset_found = False
for line in lines:
if line.__contains__("[IPSET blacklist]"):
ipset_found = True
elif ipset_found and line.startswith("["):
ipset_found = False
else:
if not ipset_found:
newfile.append(line)
if not ipset_found:
newfile.append(file_data)
file.writelines(newfile) # Write the updated content
print(str(datetime.now()) + ": " + "Updated cluster.fw with " + str(len(body.split("\n"))) + " entries.")writeFile()
When using the script the [IPSET Blacklist] section is added (append) to cluster.fw But if the [IPSET blacklist] is in the middle of the cluster.fw and the other rules [management] if below that those are overwritten with this script.
Is it possible to first remove the old [IPSET Blacklist] data with a regex remove everything between [IPSET Blacklist] ip-addresses and next [firewall group]
After that add and confirm the [IPSET Blacklist] is appended to bottom of the cluster.fw file en that append the new blacklist ip-adresses?