From 8dd9eec435f77660388e521628015344c97d87d0 Mon Sep 17 00:00:00 2001
From: PaulGuijt
Date: Sun, 1 Apr 2018 11:38:08 +0200
Subject: [PATCH] Added ipset-persistent compatibility

With ipset-persistent, part of netfilter-persistent, the ipset is loaded earlier in the startup proces. The script in /etc/network/if-up.d can be removed.
---
 update-blacklist.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/update-blacklist.sh b/update-blacklist.sh
index 50569cc..ded0081 100755
--- a/update-blacklist.sh
+++ b/update-blacklist.sh
@@ -18,6 +18,10 @@ if ! which curl egrep grep ipset iptables sed sort wc &> /dev/null; then
 exit 1
 fi

+if [ -f /usr/share/netfilter-persistent/plugins.d/*ipset ]; then
+ IP_BLACKLIST_RESTORE=/etc/iptables/rules.ipset
+fi
+
 if [[ ! -d $(dirname "$IP_BLACKLIST") || ! -d $(dirname "$IP_BLACKLIST_RESTORE") ]]; then
 echo >&2 "Error: missing directory(s): $(dirname "$IP_BLACKLIST" "$IP_BLACKLIST_RESTORE"|sort -u)"
 exit 1
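Review bot: The added test `[ -f /usr/share/netfilter-persistent/plugins.d/*ipset ]` only works when the glob expands to exactly one path; if two plugin files match, `[` receives extra arguments, prints an error and the branch is skipped, so the restore file silently stays at its previous location. The script already uses bash constructs, so `if compgen -G '/usr/share/netfilter-persistent/plugins.d/*ipset' > /dev/null; then` would handle zero, one or many matches. The assignment also replaces whatever IP_BLACKLIST_RESTORE held before this point without any message, and the hard-coded `/etc/iptables/rules.ipset` presumably has to be the file the installed plugin loads at boot; if it is not, the blacklist set would not be restored at startup, so a comment naming the plugin and path this was tested against would help. The `if [[ ... ]]` directory check that follows continues past the end of the hunk.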