[TriLUG] Host Blocking
Michael Hrivnak
mhrivnak at triad.rr.com
Wed Jan 5 22:28:25 EST 2005
This might get you started. These are blocks of foreign IPs that I've had
trouble with in the past.
iptables -A INPUT -s 219.140.0.0/16 -j DROP
iptables -A INPUT -s 62.251.65.0/24 -j DROP
iptables -A INPUT -s 203.199.70.0/24 -j DROP
iptables -A INPUT -s 61.145.0.0/16 -j DROP
iptables -A INPUT -s 210.21.33.0/24 -j DROP
Michael
On Wednesday 05 January 2005 09:55 pm, Greg Cox wrote:
> > What would be the best method of blocking access from a particular part
> > of the world, or for that matter allowing access from only US based ip
> > ranges.
>
> A fast hack (and this is all hackish, so) would be to get a list of 'Class
> A' blocks and kill ones allocated to places you don't like. At a glance,
> Japan has 43.x, APNIC has 61, 202-203, 210-211, 218-221. RIPE has 51, 62,
> 80-81, 193-195, 212-213, and 217.
>
> The wisdom of this approach (both the question and the answer) to security
> is questionable.
>
> But you're officially allowed to put a 'Power of Pride' bumper sticker on
> the box if you iptable this up.
More information about the TriLUG
mailing list