Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 18th November 2010, 17:02
biggdog biggdog is offline
Member
 
Join Date: Nov 2010
Posts: 61
Thanks: 3
Thanked 5 Times in 5 Posts
Default

I may have misread your last post. After saving the rules to /etc/... I can reboot and have everything saved. My concern is how can we accomplish this through ispconfig?
Reply With Quote
Sponsored Links
  #12  
Old 7th December 2010, 03:39
ByteMe Networking ByteMe Networking is offline
Junior Member
 
Join Date: Dec 2010
Location: Virginia Beach VA.
Posts: 24
Thanks: 7
Thanked 7 Times in 3 Posts
Default Works Like a Charm!

Hey drewb0y,

Thanks for the great stuff. Works like a Charm!

Just one thing though. I went though my logs and found a few countries that were attempting to hack my server or root it so I blocked them.

After the logs cleared up I noticed that ISPConfig 3.0.3 was acting funny. Navigation loading really slow.
Latest news not working at all.
Freshclam not updating.
Things like that.

Well after some investigation I found that ISPConfigs main site and Freshclam all come from Germany.

I had to unblock Germany before ISPConfig would work as it should again.

Just a heads up.

Thanks for the great post,
Casey
Reply With Quote
  #13  
Old 7th March 2012, 19:44
fulltilt fulltilt is offline
Junior Member
 
Join Date: Oct 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i'm trying to install but:
Code:
http://jengelh.medozas.de/files/geoip/geoip_src.tar.bz2
seems like site is offline ... is there any other download source?

debian squeeze
Reply With Quote
  #14  
Old 6th November 2012, 06:13
trident trident is offline
Junior Member
 
Join Date: Nov 2012
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by fulltilt View Post
i'm trying to install but:
Code:
http://jengelh.medozas.de/files/geoip/geoip_src.tar.bz2
seems like site is offline ... is there any other download source?

debian squeeze

I failed at this step, too.

I did get nginx geo IP blocking set up, however.
Reply With Quote
  #15  
Old 6th November 2012, 15:13
ByteMe Networking ByteMe Networking is offline
Junior Member
 
Join Date: Dec 2010
Location: Virginia Beach VA.
Posts: 24
Thanks: 7
Thanked 7 Times in 3 Posts
Default

The missing link extracts the following code to the geoip_csv_iv0.pl file.
Just create the file above with this code and you should be able to complete this TT.

Code:
#!/usr/bin/perl
#
#       Converter for MaxMind CSV database to binary, for xt_geoip
#       Copyright © CC Computer Consultants, 2008
#
#       Contact: Jan Engelhardt <jengelh@computergmbh.de>
#
#       Use -b argument to create big-endian tables.
#
use Getopt::Long;
use IO::Handle;
use Text::CSV_XS; # or trade for Text::CSV
use strict;

my %country;
my %names;
my $csv = Text::CSV_XS->new({binary => 0, eol => $/}); # or Text::CSV
my $mode = "VV";

&Getopt::Long::Configure(qw(bundling));
&GetOptions("b" => sub { $mode = "NN"; });

while (my $row = $csv->getline(*ARGV)) {
        if (!defined($country{$row->[4]})) {
                $country{$row->[4]} = [];
                $names{$row->[4]} = $row->[5];
        }
        my $c = $country{$row->[4]};
        push(@$c, [$row->[2], $row->[3]]);
        if ($. % 4096 == 0) {
                print STDERR "\r\e[2K$. entries";
        }
}

print STDERR "\r\e[2K$. entries total\n";

foreach my $iso_code (sort keys %country) {
        printf "%5u ranges for %s %s\n",
                scalar(@{$country{$iso_code}}),
                $iso_code, $names{$iso_code};

        open(my $fh, ">".uc($iso_code).".iv0");
        foreach my $range (@{$country{$iso_code}}) {
                print $fh pack($mode, $range->[0], $range->[1]);
        }
        close $fh;
}
I could not find my original download of that file but this is all that was in it.

Sorry for the late response.
Hope it helps.
__________________
Have hope.
Take care of your local Veterans and Community.
http://vbelks.org
Reply With Quote
  #16  
Old 3rd February 2013, 14:02
Hoox Hoox is offline
Junior Member
 
Join Date: Oct 2010
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks alot for this! I got this working using the hint from Casey.
How would I go about blocking everything but one country on a single port? For instance, I want to block access to port 22(ssh) from all countries but Denmark?
Reply With Quote
  #17  
Old 5th October 2013, 00:07
sethuper sethuper is offline
Junior Member
 
Join Date: Feb 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

I have followed step by step in this tutorial, everything is describe, how to install and use iptables with geoip to block countries.
http://terminal28.com/how-to-block-c...tables-debian/
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Blocking Based on Country with GeoIP, xtables-addons, and iptables linus3x Installation/Configuration 2 4th October 2013 23:56
Iptables gateway with one lan adapter tsmr Installation/Configuration 1 7th August 2008 12:02
IPtables rule to let PPTP access LAN brianwebb01 Installation/Configuration 0 1st May 2008 21:23
Match IP with MAC using iptables for squid block cooljai Server Operation 0 30th August 2007 18:30
configuring IPTABLES firewall adityavpratap HOWTO-Related Questions 9 27th May 2006 21:42


All times are GMT +2. The time now is 02:45.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.