Refactored badguys
authorAdam Chlipala <adamc@hcoop.net>
Sun, 21 Aug 2005 19:27:15 +0000 (19:27 +0000)
committerAdam Chlipala <adamc@hcoop.net>
Sun, 21 Aug 2005 19:27:15 +0000 (19:27 +0000)
closed.conf

index 9ce2d56..81c2863 100644 (file)
@@ -90,52 +90,13 @@ chain OUTPUT {
        goto LDENY;
 }
 
+%BADGUYS = `cat /etc/firewall/badguys | grep -v '^#'`
+
 #####################################################################
 # Deal with known offenders right away
 # Make difference between notorious ones and unusual ones
 chain badguys {
-
-       saddr(
-               # Mailbombing nion's email
-               152.163.210.178
-               205.188.135.170
-               64.12.187.193
-
-               # Executed nion's CGI script 400,000 times
-               24.186.165.67
-
-               # docelic, Wed Aug  3 04:18:56 EDT 2005
-               # Trying out new server with all kinds of usernames on ssh
-               # (All of those seem to be from the same "mastermind")
-               211.48.20.153
-               62.36.240.114
-               62.75.240.62
-               210.204.193.1
-               84.26.59.170
-               # docelic, Sun Aug 21 01:29:10 EDT 2005
-               63.76.235.2 
-               80.48.31.252 
-               220.194.55.126 
-               163.26.229.131
-               201.6.223.150
-               64.34.171.56
-               82.177.98.1
-               61.185.219.23
-               62.62.224.184
-               212.0.107.141
-               60.248.227.34
-               63.246.10.45
-               # docelic, Sun Aug 21 22:14:15 EDT 2005
-               210.184.124.11
-               210.238.188.155
-               63.247.76.10
-
-               # Log says reverse mapping failed for this address
-               # (hundreds of entries)
-               114.67.19.241
-       ) {
-               DROP;
-       }
+       saddr %BADGUYS DROP;
 }
 
 #####################################################################
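Review bot: The `grep -v '^#'` filter on the new `%BADGUYS` line only drops lines whose first character is `#`, so an indented comment (the style used in the list removed from `chain badguys`) or a comment after an address would pass through as list tokens. `saddr %BADGUYS DROP;` would then presumably reject those tokens, or treat them as hostnames, when the rules are loaded. Stripping comments wherever they occur is safer, e.g. `` %BADGUYS = `sed 's/#.*//' /etc/firewall/badguys` ``, which also drops the extra `cat`. The ruleset now depends on a file outside this config, so confirm that `/etc/firewall/badguys` is root-owned and not writable by others, and decide what should happen when it is missing or empty, since an empty list at `saddr` may abort the reload or leave the chain without its DROP rule. The removed per-entry notes on who blocked each address and why should be carried into that file so the audit trail is kept.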