Blocking China

Tired of seeing Chinese IP addresses in my server logs trying SSH access, I decided to completly block it off.

Easy way todo this? Yup.


#!/bin/sh

cd /home/michael/System\ Scripts/Sineo_IPTABLES_Block/

wget http://www.okean.com/antispam/iptables/rc.firewall.sinokorea

sed -i 's/INPUT/SINEO/g' /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

sed -i '/iptables -A SINEO -m state --state ESTABLISHED,RELATED -j ACCEPT/d' /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

chmod +x /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

sudo /home/michael/System\ Scripts/Sineo_IPTABLES_Block/rc.firewall.sinokorea

This will download a formatted list of chinese and Korean IP addresses, change the iptables chain to point to a new chain rather than the input chain, remove the now pointless established rule, and install the chain. Obviously, change the file paths to suit your structure.

It will however, require root to install the chain.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s