MC Malicious Port Scanner Block

block.sh

#!/usr/bin/env bash
set -euo pipefail

BLOCKLIST=(
  176.65.148.154  # FifthColumnMC (new)
  103.216.220.39  # FifthColumnMC (old)
  103.136.147.26  # FifthColumnMC (old)
  103.75.11.55    # FifthColumnMC (old)
  198.54.134.173  # FifthColumnMC (old)
  146.70.200.24   # FifthColumnMC (old)
  132.145.71.44   # shepan
  149.102.143.151 # ServerOverflow
  45.128.232.206  # pfcloud
  193.35.18.0/24  # pfclown: 193.35.18.105 & 193.35.18.163
                  # notschesser: 193.35.18.92
                  # ThisIsARobbery: 193.35.18.92
)

add_rule_once() {
  local chain="$1"
  local src="$2"

  if ! iptables -C "$chain" -s "$src" -j DROP 2>/dev/null; then
    iptables -w -I "$chain" -s "$src" -j DROP
  fi
}

# Host
for ip in "${BLOCKLIST[@]}"; do
  add_rule_once INPUT "$ip"
done

# Docker
if iptables -S DOCKER-USER >/dev/null 2>&1; then
  for ip in "${BLOCKLIST[@]}"; do
    add_rule_once DOCKER-USER "$ip"
  done
fi

echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections

DEBIAN_FRONTEND=noninteractive apt-get update
DEBIAN_FRONTEND=noninteractive apt-get -y install iptables-persistent

netfilter-persistent save