#!/bin/bash

TLD="cn iq ir kp ru tr tw"

URL="http://www.ipdeny.com/ipblocks/data/countries/"

# chains komplett entfernen
for C in $TLD
do
  iptables -D BLOCKCOUNTRY -j $C
  iptables -F $C
  iptables -X $C
done

# chains bauen
cd /tmp
for C in $TLD
do
  iptables -N $C.ct.chain
  iptables -A BLOCKCOUNTRY -j $C.ct.chain
done

# länderinfos herunterladen
for C in $TLD
do
  wget $URL$C.zone > /dev/null 2>&1
done
 
#länderinfos in chains 
for C in $TLD
do
  for IP in `cat $C.zone`
  do
    iptables -A $C.ct.chain -s $IP -j DROP > /dev/null 2>&1
  done
done