Blocking China

Tired of seeing Chinese IP addresses in my server logs trying SSH access, I decided to completly block it off.

Easy way todo this? Yup.


#!/bin/sh

cd /home/michael/System\ Scripts/Sineo_IPTABLES_Block/

wget http://www.okean.com/antispam/iptables/rc.firewall.sinokorea

sed -i 's/INPUT/SINEO/g' /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

sed -i '/iptables -A SINEO -m state --state ESTABLISHED,RELATED -j ACCEPT/d' /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

chmod +x /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

sudo /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

This will download a formatted list of chinese and Korean IP addresses, change the iptables chain to point to a new chain rather than the input chain, remove the now pointless established rule, and install the chain. Obviously, change the file paths to suit your structure.

It will however, require root to install the chain.