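#!/bin/bash
# Found at http://www.brianhare.com/wordpress/2011/03/02/block-tor-exit-nodes-using-bash-script/#codesyntax_1
# Mods (if any) by MadMakz
#
# Purpose: fetch the Tor bulk exit-node list for this host (destination ports
# 80 and 22) from check.torproject.org and rebuild an iptables chain that
# sends traffic from every listed address to IPTABLES_TARGET.
#
# Requires root and: iptables, wget, ifconfig, awk, mktemp, sort, sed.
# The downloaded list is untrusted remote input: it is fetched over verified
# TLS and every line is checked to be a plain IPv4 address before it is
# handed to iptables.

set -euo pipefail

IPTABLES_IFACE="eth0"
IPTABLES_SOURCE="INPUT"
IPTABLES_TARGET="DROP"
IPTABLES_CHAINNAME="TOR"
WORKING_DIR="/tmp/"
readonly IPTABLES_IFACE IPTABLES_SOURCE IPTABLES_TARGET IPTABLES_CHAINNAME WORKING_DIR

readonly TOR_LIST_URL="https://check.torproject.org/cgi-bin/TorBulkExitList.py"
readonly USER_AGENT="NoSuchBrowser/1.0"

# Dotted-quad IPv4 only; iptables (not ip6tables) is used below, so anything
# else in the list (IPv6, an HTML error page, a line starting with '-') must
# not become a rule argument.
readonly IPV4_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

#######################################
# Print a message to stderr and exit non-zero.
# Arguments: message words
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Print the first IPv4 address of IPTABLES_IFACE.
# Handles both the legacy "inet addr:A.B.C.D" and the newer "inet A.B.C.D"
# ifconfig output forms; prints nothing if no IPv4 line is found.
# Globals:   IPTABLES_IFACE (read)
# Outputs:   address on stdout
#######################################
iface_ip() {
  ifconfig "$IPTABLES_IFACE" \
    | awk '/inet / { sub("addr:", "", $2); print $2; exit }'
}

#######################################
# Create IPTABLES_CHAINNAME and hook it into IPTABLES_SOURCE if it does not
# exist yet. Failures are no longer hidden: under set -e an error here aborts
# before the chain is flushed.
# Can be deleted with: iptables -D "$IPTABLES_SOURCE" -j "$IPTABLES_CHAINNAME"
# Globals:   IPTABLES_CHAINNAME, IPTABLES_SOURCE (read)
#######################################
ensure_chain() {
  if ! iptables -L "$IPTABLES_CHAINNAME" -n >/dev/null 2>&1; then
    iptables -N "$IPTABLES_CHAINNAME"
    iptables -A "$IPTABLES_CHAINNAME" -j RETURN
    iptables -I "$IPTABLES_SOURCE" -j "$IPTABLES_CHAINNAME"
  fi
}

#######################################
# Download the exit-node list for one destination port into a file.
# A failed download is reported and leaves the file empty; the caller decides
# whether the combined result is usable.
# Arguments: $1 - this host's IP, $2 - destination port, $3 - output file
# Outputs:   warning on stderr when the fetch fails
#######################################
fetch_list() {
  local host_ip=$1 port=$2 out=$3
  # Certificate verification stays enabled: this list is turned straight into
  # firewall rules, so a tampered download would mean attacker-chosen DROPs.
  if ! wget -q -O "$out" -U "$USER_AGENT" \
      "${TOR_LIST_URL}?ip=${host_ip}&port=${port}"; then
    printf 'warning: could not fetch exit list for port %s\n' "$port" >&2
    : > "$out"
  fi
}

#######################################
# Entry point: fetch, filter and install the block list.
# Returns:   0 on success; exits 1 if no usable list was obtained
#######################################
main() {
  (( EUID == 0 )) || die "must run as root (iptables)"
  command -v iptables >/dev/null || die "iptables not found"
  command -v wget >/dev/null || die "wget not found"

  local host_ip
  host_ip=$(iface_ip)
  [[ -n "$host_ip" ]] || die "could not determine IPv4 address of $IPTABLES_IFACE"

  # Private, unpredictable scratch directory instead of fixed names in /tmp.
  local tmpdir
  tmpdir=$(mktemp -d "${WORKING_DIR%/}/tor_list.XXXXXX") || die "mktemp failed"
  trap 'rm -rf -- "$tmpdir"' EXIT

  ensure_chain

  fetch_list "$host_ip" 80 "$tmpdir/list80"
  fetch_list "$host_ip" 22 "$tmpdir/list22"

  # Merge both lists, drop comment and blank lines, deduplicate.
  local -a entries=()
  mapfile -t entries < <(
    sed -e '/^#/d' -e '/^[[:space:]]*$/d' -- "$tmpdir/list80" "$tmpdir/list22" \
      | LC_ALL=C sort -u
  )
  (( ${#entries[@]} > 0 )) || die "Could not get List"

  # The chain is rebuilt in place; while it is being refilled the old
  # addresses are briefly unblocked. An empty chain simply falls through.
  iptables -F "$IPTABLES_CHAINNAME"
  local entry added=0 skipped=0
  for entry in "${entries[@]}"; do
    if [[ "$entry" =~ $IPV4_RE ]]; then
      iptables -A "$IPTABLES_CHAINNAME" -s "$entry" -j "$IPTABLES_TARGET"
      added=$((added + 1))
    else
      skipped=$((skipped + 1))
    fi
  done
  iptables -A "$IPTABLES_CHAINNAME" -j RETURN
  printf 'blocked %d address(es), skipped %d non-IPv4 line(s)\n' \
    "$added" "$skipped" >&2
}

main "$@"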