@adam12
Last active December 10, 2019 20:47
Block some countries from SSH-bruteforcing using ipset
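#!/bin/sh
# vim:ts=2:sts=2:sw=2:et:ft=sh:
# Drop inbound SSH (tcp/22) from networks allocated to the listed countries.
IPSET="ipset"
IPTABLES="iptables"
SETNAME="geoblock"
# -exist: do not fail if an identical set is left over from an earlier run
$IPSET -exist create "$SETNAME" hash:net
for IP in $(curl -s http://www.ipdeny.com/ipblocks/data/countries/{cn,ru,kr,pk,tw,sg,hk,ar}.zone)
do
  # -exist: ignore networks that are already in the set
  $IPSET -exist add "$SETNAME" "$IP"
done
# Insert the DROP rule only once, even when the script is re-run
$IPTABLES -C INPUT -m set --match-set "$SETNAME" src -p tcp --dport 22 -j DROP 2>/dev/null ||
  $IPTABLES -I INPUT -m set --match-set "$SETNAME" src -p tcp --dport 22 -j DROP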
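
The script hands whatever curl returns straight to `ipset add`, so an error page or a mangled line reaches the firewall tooling unchecked. The following is an added example, not part of the gist: it accepts only well-formed IPv4 CIDR lines and emits `ipset restore` commands that fill a staging set and swap it into place. The staging set name `geoblock-new` and the sample input are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the gist: validate zone lines before ipset sees them.
SETNAME="geoblock"        # set name used by the gist
STAGING="${SETNAME}-new"  # assumption: name for the temporary staging set
CR=$(printf '\r')

# Succeeds only for a.b.c.d/len with every octet 0-255 and len 0-32.
is_ipv4_cidr() {
  case "$1" in
    ""|*[!0-9./]*|*/*/*|*./*) return 1 ;;  # stray characters, extra slash, trailing dot
    */*) ;;
    *) return 1 ;;                          # no prefix length
  esac
  addr=${1%/*} len=${1#*/}
  case "$len" in ""|*.*|???*) return 1 ;; esac
  [ "$len" -le 32 ] || return 1
  oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs   # split the address on dots
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    case "$octet" in ""|????*) return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
}

# Zone lines on stdin -> "ipset restore" commands on stdout; rejects go to stderr.
build_restore() {
  echo "create $SETNAME hash:net"
  echo "create $STAGING hash:net"
  echo "flush $STAGING"
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line%"$CR"}                      # tolerate CRLF line endings
    [ -n "$line" ] || continue
    if is_ipv4_cidr "$line"; then
      echo "add $STAGING $line"
    else
      echo "rejected: $line" >&2
    fi
  done
  echo "swap $STAGING $SETNAME"             # live set changes in one step
  echo "destroy $STAGING"
}

# Constructed sample: two documentation networks, an HTML error line, two bad CIDRs.
sample_zone() {
  printf '%s\n' '192.0.2.0/24' '198.51.100.0/24' \
    '<html><title>404 Not Found</title></html>' '300.1.1.0/24' '10.0.0.0/33'
}
sample_zone | build_restore
```

Piping the output of `build_restore` into `ipset -exist restore` applies it; `-exist` keeps the `create` lines from failing when an identical set is already present.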

nubbyless commented Aug 7, 2018

I get an error like this with your script in CentOS 7:

ipset v6.29: Syntax error: Second element is missing from 62.182.8.0/21.
ipset v6.29: Syntax error: Second element is missing from 62.182.24.0/21.
ipset v6.29: Syntax error: Second element is missing from 62.182.48.0/21.

@davert318

It's the same for a later version:
ipset v7.1: Syntax error: Second element is missing from 185.197.32.0/22.
ipset v7.1: Syntax error: Second element is missing from 185.197.72.0/22.
ipset v7.1: Syntax error: Second element is missing from 185.197.232.0/22.