firewall_pleroma_rejects.sh: Removed old TODO, added comments.

2019-07-14 01:19:22 +02:00 · 2019-07-14 01:19:22 +02:00 · a4dba85927
parent e1749a8b45
commit a4dba85927
1 changed files with 29 additions and 29 deletions
--- a/firewall_pleroma_rejects.sh
+++ b/firewall_pleroma_rejects.sh
@ -4,21 +4,22 @@
 # BE CAREFUL: Some instances may run under a shared IP, you may block more than
 # you want. No warranties and so on.
-# Version: 2019-07-13_1
+# Version: 2019-07-14_1
 # Before you run this script for the first time, run:
 # nft add table inet fediverse
-function get_domains()
+function get_domains()          # Outputs domains, separated by newline.
 {
    local instance="${1}"
    local nodeinfo=$(curl -s "https://${instance}/nodeinfo/2.1.json")
-    local domains_json=$(jq -c '.metadata.federation.mrf_simple.reject' <<<"${nodeinfo}")
+    local domains_json=$(jq -c '.metadata.federation.mrf_simple.reject' \
                            <<<"${nodeinfo}")
    sed -e 's/\[//' -e 's/\]//' -e 's/"//g' -e 's/,/\n/g' <<<"${domains_json}"
 }
-function get_ips()
+function get_ips()              # Outputs IPs, separated by newline.
 {
    local domain="${1}"
@ -38,46 +39,45 @@ function get_ips()
    done
 }
-function gen_rule()
+function gen_rule()          # Generates rule for IP if it is not in ignorelist.
 {
    # TODO: Filter out Cloudflare-IPs.
    local ip="${1}"
    local domain="${2}"
-    # Regular expressions to ignore.
+    # Regular expressions of IPs to ignore.
-    local -a ignorelist=("^2001:41d0:302:1100:"         # masto.host
+    local -a ignorelist=("^2001:41d0:302:1100:"    # masto.host
-                         "^217\.182\.80\.236$"          # masto.host
+                         "^217\.182\.80\.236$"     # masto.host
-                         "^2a06:98c[0-7]:"              # CloudFlare 2a06:98c0::/29
+                         "^2a06:98c[0-7]:"         # CloudFlare 2a06:98c0::/29
-                         "^2400:cb00:"                  # CloudFlare 2400:cb00::/32
+                         "^2400:cb00:"             # CloudFlare 2400:cb00::/32
-                         "^2606:4700:"                  # CloudFlare 2606:4700::/32
+                         "^2606:4700:"             # CloudFlare 2606:4700::/32
-                         "^2803:f800:"                  # CloudFlare 2803:f800::/32
+                         "^2803:f800:"             # CloudFlare 2803:f800::/32
-                         "^2405:b500:"                  # CloudFlare 2405:b500::/32
+                         "^2405:b500:"             # CloudFlare 2405:b500::/32
-                         "^2405:8100:"                  # CloudFlare 2405:8100::/32
+                         "^2405:8100:"             # CloudFlare 2405:8100::/32
-                         "^2c0f:f248:"                  # CloudFlare 2c0f:f248::/32
+                         "^2c0f:f248:"             # CloudFlare 2c0f:f248::/32
-                         "^104\.1[6-9]\."               # CloudFlare 104.16.0.0/12
+                         "^104\.1[6-9]\."          # CloudFlare 104.16.0.0/12
                         "^104\.2[0-9]\."
                         "^104\.3[01]\."
-                         "^172\.6[4-9]\."               # CloudFlare 172.64.0.0/13
+                         "^172\.6[4-9]\."          # CloudFlare 172.64.0.0/13
                         "^172\.7[01]\."
-                         "^162\.15[89]\."               # CloudFlare 162.158.0.0/15
+                         "^162\.15[89]\."          # CloudFlare 162.158.0.0/15
-                         "^198\.41\.12[89]\."           # CloudFlare 198.41.128.0/17
+                         "^198\.41\.12[89]\."      # CloudFlare 198.41.128.0/17
                         "^198\.41\.1[3-5][0-9]\."
-                         "^141\.101\.6[4-9]\."          # CloudFlare 141.101.64.0/18
+                         "^141\.101\.6[4-9]\."     # CloudFlare 141.101.64.0/18
                         "^141\.101\.[7-9][0-9]\."
                         "^141\.101\.1[01][0-9]\."
                         "^141\.101\.12[0-7]\."
-                         "^108\.162\.19[2-9]\."         # CloudFlare 108.162.192.0/18
+                         "^108\.162\.19[2-9]\."    # CloudFlare 108.162.192.0/18
                         "^108\.162\.2[0-9]+\."
-                         "^173\.245\.4[89]\."           # CloudFlare 173.245.48.0/20
+                         "^173\.245\.4[89]\."      # CloudFlare 173.245.48.0/20
                         "^173\.245\.5[0-9]\."
                         "^173\.245\.6[0-3]\."
-                         "^190\.93\.2[45][0-9]\."       # CloudFlare 190.93.240.0/20
+                         "^190\.93\.2[45][0-9]\."  # CloudFlare 190.93.240.0/20
-                         "^188\.114\.9[6-9]\."          # CloudFlare 188.114.96.0/20
+                         "^188\.114\.9[6-9]\."     # CloudFlare 188.114.96.0/20
                         "^188\.114\.10[0-9]\."
                         "^188\.114\.111\."
-                         "^103\.21\.24[4-7]\."          # CloudFlare 103.21.244.0/22
+                         "^103\.21\.24[4-7]\."     # CloudFlare 103.21.244.0/22
-                         "^103\.22\.20[0-3]\."          # CloudFlare 103.22.200.0/22
+                         "^103\.22\.20[0-3]\."     # CloudFlare 103.22.200.0/22
-                         "^197\.234\.24[0-3]"           # CloudFlare 197.234.240.0/22
+                         "^197\.234\.24[0-3]"      # CloudFlare 197.234.240.0/22
-                         "^131\.0\.7[2-5]\."            # CloudFlare 131.0.72.0/22
+                         "^131\.0\.7[2-5]\."       # CloudFlare 131.0.72.0/22
                        )
    for ignore in ${ignorelist}; do