From Nate, 2 Weeks ago, written in Plain Text.
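  # Block inbound IPv4 traffic from published VPN and Tor exit addresses.
  #
  # Needs root (iptables). The three feeds are third-party content that ends up
  # as firewall rules, so every line is validated before it reaches iptables.
  # IPv4 only: nothing here touches ip6tables.
  set -eu

  # Shortest prefix accepted from a feed. A bad or tampered entry such as
  # 0.0.0.0/0 would otherwise drop all inbound traffic, admin access included.
  min_prefix=8

  # Private scratch directory instead of fixed names in /tmp: a root script
  # writing to a predictable /tmp path can be redirected through a symlink
  # planted by a local user. Removed on every exit path.
  workdir=$(mktemp -d)
  trap 'rm -rf -- "$workdir"' EXIT

  # fetch the lists; set -e stops the run if any download fails
  wget -O "$workdir/vpn_servers.txt" https://raw.githubusercontent.com/X4BNet/lists_vpn/main/ipv4.txt
  wget -O "$workdir/protonvpn_servers.txt" https://raw.githubusercontent.com/X4BNet/lists_vpn/main/input/ips/protonvpn.txt
  wget -O "$workdir/tor_exit.txt" https://check.torproject.org/torbulkexitlist

  # merge the three lists, keep only well-formed IPv4 addresses or CIDR ranges
  # (octets <= 255, prefix between min_prefix and 32), and remove duplicates
  cat "$workdir/vpn_servers.txt" "$workdir/protonvpn_servers.txt" "$workdir/tor_exit.txt" \
    | tr -d '\r' \
    | awk -F'[./]' -v min="$min_prefix" '
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ {
          if ($1 > 255 || $2 > 255 || $3 > 255 || $4 > 255) next
          if (NF == 5 && ($5 < min || $5 > 32)) next
          print
        }' \
    | sort -u > "$workdir/vpn_servers_uniq.txt"

  # an empty result means the feeds were unusable; do not touch the firewall
  if [ ! -s "$workdir/vpn_servers_uniq.txt" ]; then
    echo "no valid addresses after filtering; firewall left unchanged" >&2
    exit 1
  fi

  # create the chain, or empty it when it is left over from an earlier run
  iptables -N VPN 2>/dev/null || iptables -F VPN

  # add every address to the chain; read line by line and quote the value so
  # feed content is never word-split or glob-expanded into extra arguments
  while IFS= read -r ip; do
    iptables -A VPN -s "$ip" -j DROP
  done < "$workdir/vpn_servers_uniq.txt"

  # hook the chain into INPUT once (-C checks for an existing jump, so re-runs
  # do not stack duplicates). -I puts it at position 1, ahead of any
  # ESTABLISHED/RELATED accept rule, so replies from listed addresses are
  # dropped as well.
  iptables -C INPUT -j VPN 2>/dev/null || iptables -I INPUT -j VPN

  # ipset alternative (one set lookup instead of thousands of rules). The set
  # does have to exist before anything is added to it:
  #   ipset create blacklist hash:net -exist
  #   while IFS= read -r i; do ipset add blacklist "$i" -exist; done < "$workdir/vpn_servers_uniq.txt"
  #   iptables -I INPUT -m set --match-set blacklist src -j DROP

  # save the iptables; dump to the scratch directory first so a failed
  # iptables-save cannot truncate the persistent rules file
  iptables-save > "$workdir/rules.v4"
  cat "$workdir/rules.v4" > /etc/iptables/rules.v4

  # the temporary files are removed by the EXIT trap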