Search This Blog

Monday, April 25, 2022

How to block incoming Russian IP addresses in the iptables by user defined chain

Too much attack/scanning to the server. Try to block all incoming Russian IP addresses in the iptables.

  1. First find generate the ACL list from:
    2. https://www.countryipblocks.net/acl.php It gives me a total # of 24,445 line of ip address range at the time.
  2. Replace the iptables string for user-defined chain:
    3. iptables
    by 
    iptables -A chain-Russian-Block
  3. Run the command to make create the chain:
    4. iptables -N chain-Russian-Block
...
iptables -A chain-Russian-Block -s 2.56.24.0/23 -j DROP
iptables -A chain-Russian-Block -s 2.56.26.0/23 -j DROP
iptables -A chain-Russian-Block -s 2.56.88.0/22 -j DROP
...
iptables -A INPUT -j chain-Russian-Block
  4. Check total lines of rules in the chain:
    5. # iptables -S chain-Russian-Block | wc -l
24,445
  5. Save it for reboot.
    6. service netfilter-persistent save
at
Labels: , ,

1 comment:

  1. LambertApril 25, 2022 at 12:39 PM

    Another option of the IP address range:
    https://www.ip2location.com/free/visitor-blocker

    ReplyDelete

Subscribe to: Post Comments (Atom)