DNSBL blocks and iptables
Goal: block all IP addresses from China (and possibly others) when they hit iptables, before they get to anywhere else in my system.
Why: China has no need to be accessing my home, personal server. A large majority of unauthorized ssh connections originate in China.
How: Not sure! I've found this site: http://countries.nerd.dk/more.html But I'm not sure how to translate that into adding iptables rules. I'm thinking something along the lines of:
Code:
1. rsync the zone file to my local PC and set up a zone in named
My main issue is that I don't quite understand DNSBL and how they work with named. Or if the above is even possible. Is there a better way? I could just find a list of IP addresses/CIDR masks that are associated with China, but that would be a static list, whereas the above is dynamic. Also, any lists I've found seem to be inaccurate (a static IP address for a company I used to work at is listed as China, but it's definitely Australian!)
Lovely - thank you :)