22nd July 2012, 15:18
pititis

Try this script


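Code:
#!/bin/bash

# File with one subnet (CIDR notation) per line
_input=countries.txt
IPT=/sbin/iptables

# Create a dedicated chain for the blocked subnets
$IPT -N COUNTRIES-BLACKLIST

# Add one DROP rule per subnet for packets arriving on eth0
while IFS= read -r ip
do
	[ -n "$ip" ] || continue	# skip empty lines
	$IPT -A COUNTRIES-BLACKLIST -i eth0 -s "$ip" -j DROP
done < "$_input"

# Send traffic from the built-in chains through the blacklist
$IPT -I INPUT -j COUNTRIES-BLACKLIST
$IPT -I OUTPUT -j COUNTRIES-BLACKLIST
$IPT -I FORWARD -j COUNTRIES-BLACKLIST

And put the subnets in the countries.txt file:

Code:
60.160.0.0/15
223.165.4.0/22

Run the script and test iptables:

Code:
iptables -L COUNTRIES-BLACKLIST -n

Cheers!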
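Added example, not part of pititis's post: a pre-check for countries.txt that rejects malformed entries and prints the COUNTRIES-BLACKLIST chain in iptables-restore format instead of calling iptables once per line. The function names `valid_cidr` and `build_rules` and the sample entries are constructed for illustration.

```bash
#!/bin/sh
# Added example (not from the post): check countries.txt, then emit a
# ruleset for COUNTRIES-BLACKLIST in iptables-restore format.

valid_cidr() {  # succeeds only for a.b.c.d/len, octets 0-255, len 0-32
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case $len in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr                 # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

build_rules() {  # $1 = subnet file, $2 = interface (eth0 as in the post)
    file=$1; iface=${2:-eth0}; n=0; bad=0
    printf '*filter\n:COUNTRIES-BLACKLIST - [0:0]\n'
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        line=${line%%#*}                              # drop comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')   # drop blanks and CRs
        [ -n "$line" ] || continue
        if valid_cidr "$line"; then
            printf '%s\n' "-A COUNTRIES-BLACKLIST -i $iface -s $line -j DROP"
        else
            echo "line $n: rejected '$line'" >&2
            bad=$((bad + 1))
        fi
    done < "$file"
    printf 'COMMIT\n'
    [ "$bad" -eq 0 ]             # non-zero status if anything was rejected
}

# Constructed sample: the post's two subnets plus two malformed entries.
sample=$(mktemp)
printf '%s\n' '# countries.txt' 60.160.0.0/15 223.165.4.0/22 \
    300.1.2.0/24 10.0.0.0/33 > "$sample"
build_rules "$sample" || echo "fix the rejected entries before loading" >&2
rm -f "$sample"
```

After review, the output can be piped to `iptables-restore --noflush`; the jump rules from the built-in chains still have to be added as in the script above.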