Created
November 11, 2013 15:44
-
-
Save anonymous/7415239 to your computer and use it in GitHub Desktop.
block-china.sh - simple script to block all traffic from china
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Copyright 11.11.13 Michell Gailing <gailing.michell@gmail.com> | |
| #It's Licensed under DWWWI 'Do whatever you want with it!' | |
| wget http://www.okean.com/chinacidr.txt | |
| sed -i '1,4d' chinacidr.txt | |
| sed -i 's/ China//g' chinacidr.txt | |
| ipset create china hash:net | |
| while read line; do ipset add china ; done < chinacidr.txt | |
| iptables -I INPUT -m set --match-set china src -j DROP | |
| rm chinacidr.txt |
Currently I have iptables and ajenti installed to manage my server.
ipset seams not to be installed. Will it be enough to just install ipset to make iptables work with ipset ?
Cheers
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Oh pardon i forgot the $line variable
and i get the chinacidr.txt from http://www.okean.com/chinacidr.txt
you can get the working code at https://gist.github.com/Kruemmelmonster/8304729