geoip_iptables_blocking
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
geoip_iptables_blocking [2016/03/08 14:29] – admin | geoip_iptables_blocking [2017/06/19 11:48] – admin | ||
---|---|---|---|
Line 1: | Line 1: | ||
=====GeoIP for use with iptables (Debian 8 Jessie)===== | =====GeoIP for use with iptables (Debian 8 Jessie)===== | ||
- | install necessary software | + | ===install necessary software=== |
< | < | ||
Line 7: | Line 7: | ||
</ | </ | ||
- | create a weekly cronjob | + | ===create a weekly cronjob=== |
< | < | ||
- | cat / | + | vi / |
#!/bin/sh | #!/bin/sh | ||
Line 25: | Line 25: | ||
</ | </ | ||
- | make it executable | + | ===make it executable=== |
< | < | ||
Line 31: | Line 31: | ||
</ | </ | ||
- | insert geoip rules into iptables ruleset | + | ===insert geoip rules into iptables ruleset=== |
< | < | ||
Line 37: | Line 37: | ||
</ | </ | ||
- | Log anything else | + | ===Log anything else=== |
< | < | ||
iptables -A INPUT -p tcp -m state --state NEW -m geoip ! --source-country CH -m tcp --dport 22 -j LOG --log-prefix " | iptables -A INPUT -p tcp -m state --state NEW -m geoip ! --source-country CH -m tcp --dport 22 -j LOG --log-prefix " | ||
+ | </ | ||
+ | |||
+ | ===Check your success=== | ||
+ | |||
+ | Lets take a look at the attack statistics | ||
+ | |||
+ | {{ :: | ||
+ | |||
+ | phew, 0 attacks since i use GeoIP Tables blocking. I don't need my blocklist.de account anymore. At least not for SSH attacks. | ||
+ | |||
+ | |||
+ | ------------------------------- | ||
+ | |||
+ | Samesame for raspian on raspberry | ||
+ | |||
+ | Install linux kernel headers | ||
+ | |||
+ | < | ||
+ | apt-get update && sudo apt-get install git bc libncurses5-dev libtext-csv-xs-perl autoconf automake libtool xutils-dev iptables-dev -y | ||
+ | |||
+ | wget https:// | ||
+ | |||
+ | cd ~ | ||
+ | rpi-source | ||
+ | </ | ||
+ | |||
+ | Install xtables-addons | ||
+ | |||
+ | < | ||
+ | git clone git:// | ||
+ | cd xtables-addons | ||
+ | ./ | ||
+ | ./configure | ||
+ | make -j5 | ||
+ | make install | ||
+ | depmod | ||
+ | reboot | ||
+ | |||
+ | cat / | ||
+ | |||
+ | conntrack | ||
+ | conntrack | ||
+ | conntrack | ||
+ | multiport | ||
+ | geoip | ||
+ | udplite | ||
+ | udp | ||
+ | tcp | ||
+ | icmp | ||
</ | </ |
geoip_iptables_blocking.txt · Last modified: 2019/05/08 19:38 by admin