Re: [Shorewall-users] block all IP addresses originating from the country of India

Thu, 22 Jan 2015 09:58:24 -0800 

Have you looked at GeoIP matching:
http://shorewall.net/ISO-3661.html

A list of the country codes is here:
http://terminal28.com/how-to-block-countries-using-iptables-debian/#5_ISO_3166Country_Codes

Works for me:
DROP:info:RO    inet:^[RO]      fw
DROP:info:RU    inet:^[RU]      fw
DROP:info:UA    inet:^[UA]      fw
DROP:info:TW    inet:^[TW]      fw              tcp smtp,smtps,submission
DROP:info:VN    inet:^[VN]      fw              tcp smtp,smtps,submission
DROP:info:CN    inet:^[CN]      fw              tcp smtp,smtps,submission
DROP:info:MY    inet:^[MY]      fw              tcp smtp,smtps,submission
DROP:info:KZ    inet:^[KZ]      fw              tcp smtp,smtps,submission


Bill

On 1/22/2015 12:45 PM, Orlandinei Vujanski wrote:
> Good afternoon!
> I need help.
> I have to block all IP addresses originating from the country of India.
> I already know the networks, are approximately 500 networks.
> If I put each of the networks in the / etc / shorewall / rules, will be very 
> large and confusing.
> How could I make the networks stay in a separate file by country?
>
>
> ------------------------------------------------------------------------------
> New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
> GigeNET is offering a free month of service with a new server in Ashburn.
> Choose from 2 high performing configs, both with 100TB of bandwidth.
> Higher redundancy.Lower latency.Increased capacity.Completely compliant.
> http://p.sf.net/sfu/gigenet
>
>
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users


------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to