mkorthof/ipset-country.md

Last active May 5, 2023 00:28

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/mkorthof/3033ff64c4a5b4bd31336d422104d543.js"></script>
Save mkorthof/3033ff64c4a5b4bd31336d422104d543 to your computer and use it in GitHub Desktop.

Download ZIP

Block countries using iptables + ipset + ipdeny.com -> moved to https://github.com/mkorthof/ipset-country

Raw

ipset-country.md

Moved to own repo:

https://github.com/mkorthof/ipset-country

Sevyron commented Nov 12, 2019

Hey kor, iv been using your work for some time on, but recently the main web were we get all the zones ipv4s it's down for some reason idk why, but i tried to add a different source url-get but im facing the md5sum verification, would you add an option on the script to either check or not the md5sum?

i'm trying to add zones from ipverse dut net and yea, other than that, you did it just fine men! n.n

Author

mkorthof commented Nov 16, 2019

Hey kor, iv been using your work for some time on, but recently the main web were we get all the zones ipv4s it's down for some reason idk why, but i tried to add a different source url-get but im facing the md5sum verification, would you add an option on the script to either check or not the md5sum?

i'm trying to add zones from ipverse dut net and yea, other than that, you did it just fine men! n.n

I noticed this also and switched to ipverse.net too and had to comment md5 checks in func_zf() function because ipverse does not supply md5 checksums. Looks like ipdeny is back now, but I'll add an option to disable md5 checks anyways.

If you have further issues feel free to create an issue at the repo (https://github.com/mkorthof/ipset-country/issues)

rshackleford2020 commented Jan 26, 2020

This is a great little script, very easy to set up and use. It only took a few minutes to get it up and running on Debian 10. Wouldn't DROP be preferable to REJECT though in the iptables rules? (Maybe make it a config choice?)

Author

mkorthof commented Jan 29, 2020

Wouldn't DROP be preferable to REJECT though in the iptables rules? (Maybe make it a config choice?)

Added as issue #1

SushantRathore-Admin commented May 14, 2020

Hi everyone,

I am using ipset on Amazon Linux 2, its working well. i have created SETNAME( web-access-block) and also added one ip (192.168.0.10) in web-access-block ipset file.

My questions are :-

How i will know that, When had i add any ip in SETNAME( web-access-block) ?
Can i release ip from SETNAME( web-access-block). which i was added 30 days ago, using script or any others way ?

Please help me.
Thanks
Sushant Kr Kunwar

Author

mkorthof commented May 21, 2020

Hi @SushantRathore-Admin,
I don't think your questions are in any way related to the script that used to be posted in this gist.
If you have any issues specifically related to ipset-country feel free to create an issue for the repo linked on top.

Horsyy commented Apr 15, 2021

So recently i tried to setup the ipset-country, all works fine but.. i am running a FiveM server so when the server tries to send a heartbeat, it fails with the error:

Failed to connect to api.steampowered.com port 443
Failed to connect to keymaster.fivem.net port 443

What can i do to fix this issue?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment