Difference between revisions of "How to block country IP"
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
[[File:palestine_hacker.jpg|right| | [[File:palestine_hacker.jpg|right|200px]] | ||
Here we will provide guide how to block whole country. For this example we will block Palestine - from where most VoIP attacks are originating. | Here we will provide guide how to block whole country. For this example we will block Palestine - from where most VoIP attacks are originating. | ||
Line 5: | Line 5: | ||
DISCLAIMER - we are not against the Palestine or People of Palestine. We are against hackers from Palestine. | DISCLAIMER - we are not against the Palestine or People of Palestine. We are against hackers from Palestine. | ||
. | |||
Install ipset tool: | |||
yum -y install ipset | |||
Download list of IP ranges from http://www.ipdeny.com/ipblocks/data/countries/ | |||
wget http://www.ipdeny.com/ipblocks/data/countries/ps.zone | |||
Create list in ipset for Palestine IPs: | |||
ipset create palestine hash:net | |||
Import IP list from file to ipset list: | |||
while read LINE; do ipset add palestine $LINE; echo -ne $LINE ' \r'; done < ps.zone | |||
Add rule to iptables, which instructs to drop packets coming from IPs within list: | |||
iptables -I INPUT -m set --match-set palestine src -j DROP | |||
Configuration is completed. | |||
You can repeat same for other countries. By replacing "ps" with two letters code of other country (visit http://www.ipdeny.com/ipblocks/data/countries/ to see whole list). Also replacing "palestine" name to name of other country. | |||
NOTE: configuration needs to be repeated after server reboot. |
Latest revision as of 12:30, 14 July 2016
Here we will provide guide how to block whole country. For this example we will block Palestine - from where most VoIP attacks are originating.
DISCLAIMER - we are not against the Palestine or People of Palestine. We are against hackers from Palestine.
Install ipset tool:
yum -y install ipset
Download list of IP ranges from http://www.ipdeny.com/ipblocks/data/countries/
wget http://www.ipdeny.com/ipblocks/data/countries/ps.zone
Create list in ipset for Palestine IPs:
ipset create palestine hash:net
Import IP list from file to ipset list:
while read LINE; do ipset add palestine $LINE; echo -ne $LINE ' \r'; done < ps.zone
Add rule to iptables, which instructs to drop packets coming from IPs within list:
iptables -I INPUT -m set --match-set palestine src -j DROP
Configuration is completed.
You can repeat same for other countries. By replacing "ps" with two letters code of other country (visit http://www.ipdeny.com/ipblocks/data/countries/ to see whole list). Also replacing "palestine" name to name of other country.
NOTE: configuration needs to be repeated after server reboot.