Vafin
TeaFanatic
I succeeded. This option works. https://serveradmin.ru/blokirovka-dostupa-k-web-serveru-po-stranam-s-pomoshhyu-iptables/
How do I select the country?
./block.sh: line 12: syntax error near unexpected token `do'
Request blocking method using iptables+ipset
1) Install ipset
# apt install ipset
2) Run the script addipblacklist.sh to add IP addresses to the blacklist (my script blocks requests from the USA).
3) Mount the blacklist in iptables.
# iptables -A INPUT -m set --match-set blacklist src -j DROP
Have you tested it, and is it working?
Everything works for me.
Does your script run without errors?
Yes, the script ran.
Were the IP addresses added to the blacklist?
Check this with the command
# ipset -L blacklist
Check whether the rule has been added to iptables; it should be above all other rules, at the very beginning.
yes added the blacklist
root@gamec:~# ipset-L blacklist command
ipset-L: command not found
root@gamec:~# iptables -L INPUT -v -n
It worked?
Yeah, but I don't think your list is quite complete. Mine turned out much fuller.
problem solution
root@gamec:~# iptables -L INPUT -v -n
Chain INPUT (policy DROP 144 packets, 7794 bytes)
pkts bytes target prot opt in out source destination
7563 736K ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
7563 736K ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0
147 7942 ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0
144 7794 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
144 7794 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0
144 7794 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
I don't see you have a rule with blacklist.
# iptables -A INPUT -m set --match-set blacklist src -j DROP
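
The thread says the DROP rule should sit at the very beginning of INPUT, and the listing posted above shows a chain of ufw jumps with no blacklist rule. As an added example (not code from the thread or from the linked article), this POSIX shell script validates a CIDR list into `ipset restore` input and reports where the blacklist rule sits in `iptables -S INPUT` output; the function names and the sample data are constructed for illustration.

```shell
# Added example, not from the thread; the set name "blacklist" comes from the posts.
# Print "ip/len" for a valid IPv4 address or CIDR (prefix 1-32, so no match-all /0).
valid_cidr() (
    ip=${1%/*}; len=32
    case $1 in */*) len=${1#*/} ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -ge 1 ] && [ "$len" -le 32 ] || return 1
    case $ip in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    IFS=.; set -- $ip
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] || return 1; done
    echo "$ip/$len"
)

# Turn a CIDR list on stdin into `ipset -exist restore` input; bad entries go to stderr.
build_restore() {
    echo "create $1 hash:net family inet"
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$line" ] || continue
        if cidr=$(valid_cidr "$line"); then echo "add $1 $cidr"
        else echo "rejected: $line" >&2; fi
    done
}

# From `iptables -S INPUT` on stdin: print the set's DROP rule position (1-based), or return 1.
rule_position() (
    n=0
    while IFS= read -r line; do
        case $line in "-A INPUT "*) n=$((n + 1)) ;; *) continue ;; esac
        case $line in *"--match-set $1 src"*"-j DROP"*) echo "$n"; return 0 ;; esac
    done
    return 1
)

# Constructed samples: documentation-range CIDRs (two invalid), and the thread's
# INPUT chain in `iptables -S` form with the rule appended by `-A`.
SAMPLE_CIDRS=$(printf '%s\n' '# constructed' 192.0.2.0/24 198.51.100.7 203.0.113.0/33 300.1.1.1/8)
SAMPLE_CHAIN='-P INPUT DROP
-A INPUT -j ufw-before-logging-input
-A INPUT -j ufw-before-input
-A INPUT -j ufw-after-input
-A INPUT -j ufw-after-logging-input
-A INPUT -j ufw-reject-input
-A INPUT -j ufw-track-input
-A INPUT -m set --match-set blacklist src -j DROP'
printf '%s\n' "$SAMPLE_CIDRS" | build_restore blacklist
echo "blacklist rule position: $(printf '%s\n' "$SAMPLE_CHAIN" | rule_position blacklist)"
```

On a live host, pipe the generated lines into `ipset -exist restore` and feed `iptables -S INPUT` to `rule_position`. If the position is not 1, `iptables -I INPUT 1 -m set --match-set blacklist src -j DROP` inserts the rule ahead of the ufw chains, whereas `-A` appends it after them.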