#!/bin/bash
curl -sL "https://www.talosintelligence.com/documents/ip-blacklist" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sed -e 's/^/add bl-talos /' > /tmp/bl-talos

ipset flush bl-talos
ipset restore -file /tmp/bl-talos

echo '<?xml version="1.0" encoding="utf-8"?>' > /etc/firewalld/ipsets/bl-talos.xml
echo '<ipset type="hash:ip">' >> /etc/firewalld/ipsets/bl-talos.xml
awk '$0="<entry>"$3"</entry>"' /tmp/bl-talos >> /etc/firewalld/ipsets/bl-talos.xml
echo '</ipset>' >> /etc/firewalld/ipsets/bl-talos.xml
