Finished initial firewall implementation. Untested

Tools/firewall.sh

@@ -43,6 +43,7 @@ graylist_unverified=15
 
 
 country-list="https://raw.githubusercontent.com/herrbischoff/country-ip-blocks/master/ipv4/"
+safety-list="https://api.entryrise.com/minewall/"
 
 wgetd="wget -q -c --retry-connrefused -t 0"
 
@@ -59,12 +60,23 @@ ipset -N -! mw_graylist hash:net maxelem 10000
 ipset -N -! mw_whitelist hash:net maxelem 10000
 
 
+ 
+echo "Generating whitelist for the firewall..."
+for ip in $(curl $safety-list/{wireless,residential,business}.iplist); do
+  ipset -A mw_whitelist $ip
+done
  # Create the graylist of safer countries. It's really important for the base check.
  echo "Generating graylist for the firewall..."
- for ip in $(curl $country-list/{ro,ua,tr,nl,de}.cidr); do
+ for ip in $(curl $country-list/{ro,hu,gb,au,dk,bg,ie,pt,gr}.cidr); do
   ipset -A mw_graylist $ip
  done
- echo "Graylist finished generating."
+
+echo "Generating blacklist for firewall."
+for ip in $(curl $safety-list/{others}.iplist); do
+  ipset -A mw_blacklist $ip
+done
+#
+# The blacklist makes sure any "smart bots" are blocked in time on your server after a while.
  
 # Off the table just allow the whitelisted users and drop the blacklisted ones.
 $iptables -A MineWall -p tcp --dport $protect_port -m set --match-set mw_whitelist src -j ACCEPT