Navigation

Combikrist · #1 20th November 2010, 09:46

Hy there!

I'm rinnung a virtual server at hosteurope.de
First I used PLESK, but it is quite heavy to run for the vserver.
So I tried ISPConfig.

Ubuntu 8.04.1 fresh installed with ISPConfig3.
It runs like a charm!

Now, I want to block Asianet and some other countries with my firewall.
On PLESK I used the integrated firewall-settings -have a look at the attachment-

How can I accomplish this with ISPConfig?
I tried to follow HOWTO: Implement iptables blocking by Country but I ran into some serious incompatibilities with Ubuntu 8.04

my regards

drewb0y · #2 21st November 2010, 07:32

Check out my post about blocking by countries.

HOWTO: Implement iptables blocking by Country

Hopefully that will help you out.

Antennipasi · #3 21st November 2010, 08:43

Quote:

Originally Posted by Combikrist

Now, I want to block Asianet and some other countries with my firewall.

Sure you do with that list. Where have you find list like that?

Even firs 58.*-rule blocks networks from:
Afghanistan
Australia
Bangladesh
China
Hong
India
Indonesia
Japan
Korea
Malaysia
New Zealand
Pakistan
Philippines
Singapore
Taiwan
Thailand
Vietnam

I did not even bother to check out rest of them. They are _way_ too much.

Currently Maxmind's GeoIP-database has 289 net-blocks from Asia. With your current firewall implementation you need 289 for Asia-rules to prevent blocking countries you (or your clients?) don't want to block.

I suggest you try again with drewb0y's HOWTO.

Combikrist · #4 22nd November 2010, 09:10

Quote:

Originally Posted by Antennipasi

Sure you do with that list. Where have you find list like that?

I created it.

I blocked the complete APNIC Range, and some of the AFRINIC ranges.

You can find the ranges here:
some
AFRINIC
APNIC
some more

Now I added the DROPs to my iptables with the following commandline commands:

Code:

iptables -I INPUT -s 58.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 59.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 60.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 61.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 121.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 122.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 123.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 124.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 125.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 126.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 202.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 203.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 210.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 211.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 218.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 219.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 220.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 221.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 222.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 200.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 201.0.0.0/255.0.0.0 -j DROP
iptables -I INPUT -s 66.196.0.0/255.255.0.0 -j DROP
iptables -I INPUT -s 206.141.193.0/255.255.255.0 -j DROP
iptables -I INPUT -s 180.168.0.0/255.255.0.0 -j DROP