Soledad208 SoledaD208
SoledaD208
/ getIP.py
Last active
August 29, 2015 14:06
a tiny python script to get national IPs, then config iptables to permit all these IPs and block all the foreign traffic (for CentOS)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # sciprt's written by SoledaD208, email: not.soledad@gmail.com | |
| # script get national IP from http://www.ipaddresslocation.org, permit all these IP with minimum policy (enable ssh only) | |
| # block all the foreign traffic | |
| # script create 2 new chains in Iptables: VIETNAM-INPUT and NOT-VIETNAM-INPUT: | |
| # accept just ssh protocol in VIETNAM-INPUT chain | |
| # all these foreign traffic jump to NOT-VIETNAM-INPUT chain and block by default | |
| # if have internal networks, you should create more chain for these networks, or add smt like this to iptables config file: | |
| # -A INPUT -i internallIf -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT | |
| import re |