intrd/br_allow.sh

## br_allow.sh
#!/bin/bash
## IPtables - Rulescript to allow only brazilian ip's
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/

# Brazil
ipset -F br.zone
ipset -N br.zone nethash
for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/br.zone)
       do ipset -A br.zone $IP
       echo $IP
done

iptables -A INPUT -m set --match-set br.zone src -p tcp --match multiport --dports 13000:19000 -j ACCEPT
iptables -A INPUT                               -p tcp --match multiport --dports 13000:19000 -j DROP
#iptables -A INPUT -m set --match-set br.zone src -p tcp --dport 13169 -j ACCEPT
#iptables -A INPUT                               -p tcp --dport 13169 -j DROP
	#!/bin/bash
	## IPtables - Rulescript to allow only brazilian ip's
	# @author intrd - http://dann.com.br/
	# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/

	# Brazil
	ipset -F br.zone
	ipset -N br.zone nethash
	for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/br.zone)
	do ipset -A br.zone $IP
	echo $IP
	done

	iptables -A INPUT -m set --match-set br.zone src -p tcp --match multiport --dports 13000:19000 -j ACCEPT
	iptables -A INPUT -p tcp --match multiport --dports 13000:19000 -j DROP
	#iptables -A INPUT -m set --match-set br.zone src -p tcp --dport 13169 -j ACCEPT
	#iptables -A INPUT -p tcp --dport 13169 -j DROP