stamparm / ipsum

Daily feed of bad IPs (with blacklist hit scores)
The Unlicense

cron job #16

Closed airdogvan closed 3 years ago

airdogvan commented 3 years ago

Stupid question probably not really worth your answer but I'm trying to run this as a cron job with the following script:

    #!/bin/sh

    /usr/sbin/ipset -q flush ipsum
    /usr/sbin/ipset -q create ipsum hash:net
    for ip in $(/usr/bin/curl --compressed https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt 2>/dev/null | /usr/bin/grep -v "#" | /usr/bin/grep -v -E "\s[1-2]$" | /usr/bin/cut -f 1); do ipset add ipsum $ip; done
    /usr/sbin/iptables -I INPUT -m set --match-set ipsum src -j DROP

and only get an empty ipset.

Obviously the flush is working but the for loop doesn't seem to get done. The script works fine if run directly from the command line.

Anyway any hints welcomed.

arter97 commented 3 years ago

Make sure you're connected to the Internet before executing curl.

I added the following before curl:

    until wget --spider https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt > /dev/null 2>&1; do echo "Waiting for GitHub to be accessible"; sleep 1; done

stamparm commented 3 years ago

Sorry @airdogvan, I've just seen this issue. Maybe ipset without the absolute path (which I see you use in the other commands) is causing the problem.

So, try

    do /usr/sbin/ipset add ipsum $ip

instead of

    do ipset add ipsum $ip

poddmo commented 3 years ago

Here is how I'm using ipsum, including cron scheduled updates. My environment is Armbian Focal on arm64 (nanopi r4s) and the device serves as a household internet router/gateway.

First: get the latest ipsum.txt and place it at /etc/ipsum.txt. This is used to fill the ipset, even if github is unreachable.

Next, I have ufw do the setup for ipsum: create and set executable: /etc/ufw/after.init

after.init.txt

Create a script at /etc/cron.daily/ipsum2ipset, set executable:

ipsum2ipset.txt
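The points raised in this thread (cron's short PATH, GitHub being unreachable, filling the set from a cached /etc/ipsum.txt) combined in one cron-safe updater. This is an added example, not code from the thread or from the ipsum project; the function names, the scratch set name `ipsum-new` and the `--apply` switch are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not code from the thread.
# cron starts jobs with a short PATH (commonly /usr/bin:/bin), so /usr/sbin
# tools such as ipset are not found unless PATH is set or paths are absolute.
PATH=/usr/sbin:/usr/bin:/sbin:/bin
export PATH

URL=https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt
CACHE=/etc/ipsum.txt   # cached copy, path as used in the thread
MIN_HITS=3             # same cut-off as the grep that drops scores 1-2

# Read an ipsum feed on stdin ("IP<TAB>hits", '#' comment lines) and print
# an `ipset restore` script that fills a scratch set and swaps it in, so the
# live set is never left empty while the update runs.
feed_to_restore() {
    printf 'create ipsum hash:net -exist\n'
    printf 'create ipsum-new hash:net -exist\nflush ipsum-new\n'
    awk -v min="$1" '
        /^#/ { next }
        $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $2 ~ /^[0-9]+$/ && $2 + 0 >= min {
            print "add ipsum-new " $1 " -exist"
        }'
    printf 'swap ipsum-new ipsum\ndestroy ipsum-new\n'
}

# Number of "add" lines in a restore script read from stdin.
count_adds() { grep -c '^add '; }

update_ipsum() {
    tmp=$(mktemp) || return 1
    # Replace the cache only when the download succeeded and is non-empty.
    if curl -fsS --compressed --max-time 60 -o "$tmp" "$URL" && [ -s "$tmp" ]; then
        mv "$tmp" "$CACHE"
    else
        rm -f "$tmp"
        echo "ipsum: download failed, falling back to $CACHE" >&2
    fi
    [ -s "$CACHE" ] || return 1
    rules=$(feed_to_restore "$MIN_HITS" < "$CACHE")
    # Refuse to swap in a set with no entries (empty or malformed feed).
    [ "$(printf '%s\n' "$rules" | count_adds)" -gt 0 ] || return 1
    printf '%s\n' "$rules" | ipset restore || return 1
    # Insert the DROP rule only if it is not already present.
    iptables -C INPUT -m set --match-set ipsum src -j DROP 2>/dev/null ||
        iptables -I INPUT -m set --match-set ipsum src -j DROP
}

# Nothing touches the firewall unless the script is called with --apply.
if [ "${1:-}" = "--apply" ]; then update_ipsum; fi
```

Because the rule is checked with `iptables -C` before insertion, repeated cron runs do not stack duplicate DROP rules in INPUT.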