@jasonruyle
Last active February 4, 2024 15:00
UFW to block countries

# Country ban with UFW #

Grab the IP addresses for each country you want to block and save them as Linux IPTables:

http://www.ip2location.com/free/visitor-blocker

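## Add country ##

Run the following command:

```sh
# -r keeps backslashes literal; quoting "$line" passes each entry as one argument
while read -r line; do sudo ufw deny from "$line"; done < all.txt
```

Here the filename is the country's list (`all.txt` in the command above).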

## Remove country ##

To remove or revert these rules, keep that list of IPs! Then run a command like this to remove the rules:

```sh
# Same list, same loop, with "delete" in front of the original rule
while read -r line; do sudo ufw delete deny from "$line"; done < all.txt
```

## Suggestion ##

What I did was export each individual country as its own country.txt file. But then I realized that I wanted to run this thing one time, so I ran the following command:

```sh
cat *.txt >> all.txt
```

Then you can run your rule against all of the files.
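
The loops above hand every line of the downloaded list to `sudo ufw`, so a comment, a Windows line ending, a duplicate or a malformed entry also reaches the firewall command. The script below is an added example, not part of the original gist: it cleans and validates the list first and only prints the resulting commands unless `DRY_RUN=0` is set. It assumes one IPv4 address or CIDR range per line; the function names, the `DRY_RUN` variable and the sample data are this example's own.

```shell
#!/bin/sh
# Added example, not from the original gist. Assumes one IPv4 address or CIDR
# range per line. Function names and DRY_RUN are this example's own.

# Succeed only for a.b.c.d or a.b.c.d/1..32 with every octet in 0..255.
is_ipv4_cidr() {
  case $1 in
    */*) ip=${1%%/*}; prefix=${1#*/} ;;
    *)   ip=$1; prefix=32 ;;
  esac
  case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
  [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ] || return 1
  case $ip in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Print the valid, de-duplicated entries of list file $1; report rejects on stderr.
clean_list() {
  tr -d '\r' < "$1" | sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
  while IFS= read -r entry; do
    [ -n "$entry" ] || continue
    if is_ipv4_cidr "$entry"; then
      printf '%s\n' "$entry"
    else
      printf 'skipped: %s\n' "$entry" >&2
    fi
  done | LC_ALL=C sort -u
}

# $1 = "deny" to add rules or "delete deny" to remove them, $2 = list file.
# Prints the commands unless DRY_RUN=0, in which case it runs them.
apply_list() {
  clean_list "$2" | while IFS= read -r cidr; do
    if [ "${DRY_RUN:-1}" = 0 ]; then
      sudo ufw $1 from "$cidr" < /dev/null   # $1 unquoted so "delete deny" splits
    else
      printf 'ufw %s from %s\n' "$1" "$cidr"
    fi
  done
}

# Constructed sample list (documentation ranges, not real country data).
sample_list=$(mktemp)
printf '%s\n' '# constructed' '192.0.2.0/24' '198.51.100.0/24 ' '192.0.2.0/24' \
  '203.0.113.7' '10.0.0.0/33' 'any' > "$sample_list"
apply_list deny "$sample_list"
```

Review the printed commands and the `skipped:` lines before rerunning with `DRY_RUN=0`; the same cleaned list then works with `apply_list "delete deny"` to revert.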

poddmo commented Jan 17, 2024

I have a repo with a ufw blocklist solution: (https://github.com/poddmo/ufw-blocklist)
There is also a solution there for multiple blocklists (e.g. per country, bogons, etc.) that tests well for me and I just need to document its use.
In particular, check out the method I use to load the list into the ipset. It spawns a subshell into the background so as not to hang the system while the list is loaded.

timlab55 commented Jan 26, 2024

@poddmo - Is there any way of compiling the entire "?.txt" into 1 master.txt file? My target clients that I'm trying to get live within 25 miles from me in a circle. I'm almost certain they are on "NO" blacklist. But with what I'm doing on a website I would like to know that my database and stuff is protected. I'm running this on Debian 12 on a Raspberry Pi version 4. I don't know if I will be notified if you respond, but my email address is timlab195@gmail.com.
Thanks
