I installed it on one of my test servers and these are all the ones that have hit me in the last 12 hours:
Chain BLACKLIST-INPUT (1 references)
num pkts bytes target prot opt in out source destination
6641 1 439 DROP all -- * * 62.138.14.127 0.0.0.0/0
7354 1 40 DROP all -- * * 66.240.192.138 0.0.0.0/0
7357 1 40 DROP all -- * * 66.240.219.146 0.0.0.0/0
7359 1 40 DROP all -- * * 66.240.236.119 0.0.0.0/0
7742 2 80 DROP all -- * * 71.6.146.130 0.0.0.0/0
7743 1 40 DROP all -- * * 71.6.146.185 0.0.0.0/0
7745 2 80 DROP all -- * * 71.6.158.166 0.0.0.0/0
7751 1 40 DROP all -- * * 71.6.216.38 0.0.0.0/0
7752 1 40 DROP all -- * * 71.6.216.42 0.0.0.0/0
8375 2 80 DROP all -- * * 80.82.79.104 0.0.0.0/0
10605 1 40 DROP all -- * * 82.221.105.6/31 0.0.0.0/0
11984 4 1770 DROP all -- * * 89.163.146.122 0.0.0.0/0
12124 1 441 DROP all -- * * 89.163.242.48/31 0.0.0.0/0
12241 1 40 DROP all -- * * 89.248.172.16 0.0.0.0/0
12244 1 663 DROP all -- * * 89.248.172.140 0.0.0.0/0
12425 2 882 DROP all -- * * 92.42.106.173 0.0.0.0/0
12554 1 440 DROP all -- * * 93.186.196.82 0.0.0.0/0
12748 2 80 DROP all -- * * 94.102.49.190 0.0.0.0/0
12749 1 40 DROP all -- * * 94.102.49.193 0.0.0.0/0
13934 18 1080 DROP all -- * * 121.18.238.98 0.0.0.0/0
13935 18 1080 DROP all -- * * 121.18.238.109 0.0.0.0/0
13936 36 2160 DROP all -- * * 121.18.238.114 0.0.0.0/0
15180 1 432 DROP all -- * * 163.172.144.161 0.0.0.0/0
15596 2 80 DROP all -- * * 169.54.233.116/30 0.0.0.0/0
15597 1 40 DROP all -- * * 169.54.233.121 0.0.0.0/0
15601 1 40 DROP all -- * * 169.54.244.84 0.0.0.0/0
20367 1 432 DROP all -- * * 194.88.106.159 0.0.0.0/0
20702 1 442 DROP all -- * * 195.154.182.176 0.0.0.0/0
20794 13 5673 DROP all -- * * 195.154.237.46 0.0.0.0/0
21032 2 80 DROP all -- * * 198.20.69.98 0.0.0.0/0
21034 1 40 DROP all -- * * 198.20.87.98 0.0.0.0/0
22209 1 441 DROP all -- * * 209.126.122.35 0.0.0.0/0
22979 1 443 DROP all -- * * 213.202.253.20/31 0.0.0.0/0
23414 18 1080 DROP all -- * * 221.194.44.195 0.0.0.0/0
23416 27 1620 DROP all -- * * 221.194.44.224 0.0.0.0/0
23417 16 960 DROP all -- * * 221.194.47.208 0.0.0.0/0
23418 19 1140 DROP all -- * * 221.194.47.224 0.0.0.0/0
Just a couple notes that I saw. In the
/usr/local/bin/voipbl.sh script, change the line:
if [ `iptables -L | grep -c "Chain BLACKLIST-INPUT"` -lt 1 ]; then
to
if [ `iptables -L -v -n | grep -c "Chain BLACKLIST-INPUT"` -lt 1 ]; then
And also, change the cron to not run so much. Every 4 hours seem a bit much to me.