Ed Wiget Dot Name

infosec, information secur, digital forensics, hacking, system administration, linux blog


I wrote this script originally in 2014, updated it in 2015, forgot about it and needed it recently again … so it's updated, current to 2020.  A few things about this script … I don’t recommend you just “block Tor exit nodes” unless you have a good reason.  Why have I used this script in the past?  During DDoS attacks that seemed to be using Tor addresses, to block hackers from using Tor, etc.  When I have blocked Tor, it was only for short periods of time, maybe a few hours or a day or 2.  If you are under an attack via Tor, the attacker can just pivot somewhere else or use some other proxied method, so just keep in mind this isn’t a solve-all either.

So you are still here and wondering how to block Tor … this is it:

[codesyntax lang="bash"]

#!/bin/bash

# by ed wiget
# this script will query tor for the exit node hosts
# it then displays those ips or blocks those ips using iptables
# (the iptables option has to be run as root)

# 20140116 - original script
# 20140612 - updated url

# 2014 first method
#for i in $(wget https://check.torproject.org/cgi-bin/TorBulkExitList.py\?ip=$hostip -O- -q | grep -E '^[[:digit:]]+(\.[[:digit:]]+){3}$' | uniq); do

# 2014 second method
# sort -u instead of uniq: uniq only drops duplicates that are adjacent
for i in $(wget https://check.torproject.org/exit-addresses -O- -q | grep '^ExitAddress' | awk '{print $2}' | sort -u); do

	# two options here, uncomment whichever suits you

	# if you just want the ips in a list uncomment the next line but comment out the iptables part below
	echo "${i}"

	# if you want to add the ips to iptables blocks, comment out the line above and uncomment the next two lines
	#echo "blocking ${i} ... please wait"
	#iptables -A INPUT -s "$i" -j DROP
done

[/codesyntax]
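
An added example, not part of the original script: since the block is only meant to last a few hours or a day or two, this variant loads the addresses into an ipset whose entries expire on their own, and checks every address before it reaches a firewall command run as root. The set name `tor_exit`, the one-day timeout, the `--apply` switch and the sample feed are assumptions made for the example.

```bash
#!/bin/bash
# Added example, not the original author's script.
SET_NAME="tor_exit"   # assumed ipset name
TIMEOUT=86400         # assumed lifetime in seconds (one day); entries then expire

# Constructed sample in the exit-addresses layout (documentation-range IPs).
sample_feed() {
    cat <<'EOF'
ExitNode 0000000000000000000000000000000000000001
Published 2020-01-01 00:00:00
ExitAddress 192.0.2.10 2020-01-01 00:05:00
ExitNode 0000000000000000000000000000000000000002
ExitAddress 198.51.100.7 2020-01-01 00:06:00
ExitAddress 192.0.2.10 2020-01-01 00:07:00
ExitAddress 999.1.1.1 2020-01-01 00:08:00
ExitAddress 1.2.3.4;reboot 2020-01-01 00:09:00
EOF
}

# stdin: exit-addresses text; stdout: valid, de-duplicated IPv4 addresses.
# Anything that is not a dotted quad with octets 0-255 is dropped.
extract_exit_ips() {
    awk '$1 == "ExitAddress" { print $2 }' |
        grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' |
        awk -F. '$1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255' |
        sort -u
}

# stdin: one IP per line; stdout: input for "ipset restore".
build_restore() {
    echo "create ${SET_NAME} hash:ip timeout ${TIMEOUT}"
    while read -r ip; do
        echo "add ${SET_NAME} ${ip}"
    done
}

# Only touch the network and the firewall when asked to (needs root).
if [ "${1:-}" = "--apply" ]; then
    set -euo pipefail
    list=$(wget -q -O- https://check.torproject.org/exit-addresses | extract_exit_ips)
    [ -n "$list" ] || { echo "empty list, firewall left unchanged" >&2; exit 1; }
    # -exist makes re-runs harmless: existing entries just get a fresh timeout
    printf '%s\n' "$list" | build_restore | ipset -exist restore
    # one rule for the whole set, inserted only if it is not already there
    iptables -C INPUT -m set --match-set "$SET_NAME" src -j DROP 2>/dev/null ||
        iptables -I INPUT -m set --match-set "$SET_NAME" src -j DROP
fi
```

Running `sample_feed | extract_exit_ips | build_restore` shows what would be loaded without changing anything on the host.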

