#!/bin/bash

# just in case the platform is different
#ln -s /sbin/iptables /usr/sbin/iptables

# Here's the Incredible PBX list of SIP Trusted Providers
/usr/sbin/iptables -A INPUT -s 64.2.142.215/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.216/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.9/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.17/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.18/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.29/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.87/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.106/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.107/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.109/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.111/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.187/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.188/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.189/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.190/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.214/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.26/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 199.101.184.146/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 174.34.146.162/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 173.208.83.50/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 74.54.54.178/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 209.62.1.2/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 67.215.241.250/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 74.63.41.218/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 69.147.236.82/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 68.233.226.97/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 67.205.74.184/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 67.205.74.187/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 174.137.63.206/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 174.137.63.202/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 5.77.36.136/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 204.11.192.32/30 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 204.155.28.10/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.136.174.24/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.136.174.24/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.34.181.47/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 69.90.174.98/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 85.17.186.7/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 81.23.228.129/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 67.228.182.2/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.251.23.244/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 85.17.148.32/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 63.211.239.14/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 63.247.78.218/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 8.3.252.23/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 8.14.120.23/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 8.17.37.23/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 66.54.140.46/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 66.54.140.47/32 -p udp -m multiport --dports 5060,5061,5062,5063,5064,5065,5066,5067,5068,5069,4569 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.62.236.143/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 24.211.64.206/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 199.30.56.194/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 209.216.15.70/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 209.216.2.211/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 184.154.97.11/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 81.23.228.150/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 81.23.228.150/32 -p tcp -m tcp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 65.254.44.194/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 74.81.71.18/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 50.22.101.14/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 67.212.84.21/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 176.9.39.206/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 72.9.149.25/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 50.22.102.242/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 98.254.157.185/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 178.63.143.236/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 98.254.157.185/32 -p udp -m udp --dport 5060:5069 -j ACCEPT 
/usr/sbin/iptables -A INPUT -s 64.2.142.26/32 -p udp -m udp --dport 5060:5069 -j ACCEPT
# new additions
# IPC-Texas-DID
/usr/sbin/iptables -A INPUT -p udp -m udp -s 216.66.23.179 --dport 5060:5069 -j ACCEPT
# Skyetel-EU
/usr/sbin/iptables -A INPUT -s 35.156.192.164 -j ACCEPT
# Skyetel-SE
/usr/sbin/iptables -A INPUT -s 50.17.48.216 -j ACCEPT
# Skyetel-NE
/usr/sbin/iptables -A INPUT -s 52.60.138.31 -j ACCEPT
# Skyetel-SW
/usr/sbin/iptables -A INPUT -s 52.8.201.128 -j ACCEPT
# Skyetel-NW
/usr/sbin/iptables -A INPUT -s 52.41.52.34 -j ACCEPT
# v1voip5
/usr/sbin/iptables -A INPUT -p udp -m udp -s sip1.v1voip.com --dport 5060:5069 -j ACCEPT
# v1voip4
/usr/sbin/iptables -A INPUT -p udp -m udp -s sip2.v1voip.com --dport 5060:5069 -j ACCEPT
# v1voip3
/usr/sbin/iptables -A INPUT -p udp -m udp -s sip.v1voip.com --dport 5060:5069 -j ACCEPT
# v1voip2
/usr/sbin/iptables -A INPUT -p udp -m udp -s 173.246.36.196 --dport 5060:5069 -j ACCEPT
# v1voip1
/usr/sbin/iptables -A INPUT -p udp -m udp -s 207.239.159.171 --dport 5060:5069 -j ACCEPT
# bulkvs
/usr/sbin/iptables -A INPUT -p udp -m udp -s 23.190.16.198 --dport 5060:5069 -j ACCEPT
/usr/sbin/iptables -A INPUT -p udp -m udp -s 199.255.157.198 --dport 5060:5069 -j ACCEPT
/usr/sbin/iptables -A INPUT -p udp -m udp -s 162.249.171.198 --dport 5060:5069 -j ACCEPT
/usr/sbin/iptables -A INPUT -p udp -m udp -s 69.12.88.198 --dport 5060:5069 -j ACCEPT
/usr/sbin/iptables -A INPUT -p udp -m udp -s 76.8.29.198 --dport 5060:5069 -j ACCEPT
# // New entries for nexmo.iptables
/usr/sbin/iptables -A INPUT -s sip.nexmo.com -j ACCEPT
/usr/sbin/iptables -I INPUT -s api.nexmo.com  -j ACCEPT
/usr/sbin/iptables -I INPUT -s 169.63.86.0/24 -j ACCEPT
/usr/sbin/iptables -I INPUT -s 5.10.112.121   -j ACCEPT
/usr/sbin/iptables -I INPUT -s 5.10.112.122   -j ACCEPT
/usr/sbin/iptables -I INPUT -s 119.81.44.6    -j ACCEPT
/usr/sbin/iptables -I INPUT -s 119.81.44.7    -j ACCEPT
/usr/sbin/iptables -I INPUT -s 169.60.141.29  -j ACCEPT
/usr/sbin/iptables -I INPUT -s 169.60.141.30  -j ACCEPT
# // End entries for nexmo.iptables
# // New entries for signalwire
/usr/sbin/iptables -A INPUT -s sip.signalwire.com -j ACCEPT
/usr/sbin/iptables -A INPUT -s 167.99.198.84 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 104.248.176.184 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 159.65.244.171 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 188.166.126.7 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 104.248.150.114 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 178.128.235.81 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 159.65.244.171 -j ACCEPT
# // End entries for signalwire

# End of Trusted Provider Section

# sample custom rule for full server access looks like this
# /usr/sbin/iptables -A INPUT -s yourFQDN.dyndns.org -j ACCEPT

# custom rules go below here

# do not edit below here. Facebook Messenger WhiteList gets generated next...
# be sure to issue iptables-restart nightly in /etc/crontab like this:
# 15 0 * * * root /usr/local/sbin/iptables-restart >/dev/null 2>&1

#whois -h whois.radb.net -- '-i origin AS32934' | grep ^route: | sed "s|route:     |/usr/sbin/iptables -A INPUT -s |" | sed "s|$| -p tcp -m tcp --dport 443 -j ACCEPT|" > /usr/local/sbin/iptables-facebook
#chmod +x /usr/local/sbin/iptables-facebook
#/usr/local/sbin/iptables-facebook
