iptables +block country

Tom H tomh0665 at gmail.com
Mon Aug 16 06:00:19 UTC 2010


On Mon, Aug 16, 2010 at 12:31 AM, NoOp <glgxg at sbcglobal.net> wrote:
>
> The probes mostly come from Chinese machines (do a zenmap on
> 58.218.204.110 if you'd like to see a totally borked bot machine). So on
> every local machine I've simply decided to block all of China.
> http://blacklist.linuxadmin.org/ has a handy tool to blocklist by
> country & port. I've modified the output to block via iptables, but
> wonder if the following sample is correct:
>
> #!/bin/bash
> # china blocklist
> # generated from http://blacklists.linuxadmin.org
> /sbin/iptables -A INPUT -p tcp -s 58.14.0.0/15 -j REJECT
> /sbin/iptables -A INPUT -p tcp -s 58.16.0.0/13 -j REJECT
> /sbin/iptables -A INPUT -p tcp -s 58.24.0.0/15 -j REJECT

I'd use "DROP" rather than "REJECT".
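
An added example, not part of the original thread: a POSIX shell generator that validates each range before printing a rule in the form quoted above, with the target selectable between DROP and REJECT. The function names `valid_cidr`, `gen_rules` and `sample_list` are hypothetical, and the two malformed entries in the sample are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): print iptables commands for a CIDR list
# instead of running them, so the generated rules can be reviewed first.

# valid_cidr A.B.C.D/N: succeeds only for four octets 0-255 and a prefix 0-32.
valid_cidr() {
    case $1 in
        ''|*[!0-9./]*|*/*/*|.*|*..*|*./*) return 1 ;;
        */*) ;;
        *) return 1 ;;
    esac
    vc_addr=${1%/*} vc_prefix=${1#*/}
    case $vc_prefix in ''|???*|*[!0-9]*) return 1 ;; esac
    [ "$vc_prefix" -le 32 ] || return 1
    vc_ifs=$IFS; IFS=.; set -- $vc_addr; IFS=$vc_ifs
    [ $# -eq 4 ] || return 1
    for vc_octet in "$@"; do
        case $vc_octet in ''|????*) return 1 ;; esac
        [ "$vc_octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules TARGET < list: one rule per valid range on stdout, rejects on stderr.
gen_rules() {
    gr_target=${1:-DROP}
    case $gr_target in
        DROP|REJECT) ;;
        *) echo "unsupported target: $gr_target" >&2; return 2 ;;
    esac
    while read -r gr_line || [ -n "$gr_line" ]; do
        case $gr_line in ''|'#'*) continue ;; esac
        if valid_cidr "$gr_line"; then
            printf '/sbin/iptables -A INPUT -p tcp -s %s -j %s\n' "$gr_line" "$gr_target"
        else
            printf 'skipped invalid entry: %s\n' "$gr_line" >&2
        fi
    done
}

# Constructed sample: the three ranges quoted in the post plus two bad entries.
sample_list() {
    printf '%s\n' '# china blocklist' 58.14.0.0/15 58.16.0.0/13 58.24.0.0/15 \
        58.300.0.0/15 58.16.0.0/33
}

sample_list | gen_rules DROP
```

Redirecting stdout to a file gives a script that can be read through before it is run as root; anything the validator refused is listed on stderr.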



