rules.sh

#!/bin/bash
# US GOVT
iptables -A INPUT -s 198.81.128.0/18 -j DROP #Central Intelligence Agency Networks
iptables -A INPUT -s 162.81.0.0/16 -j DROP #National Counterintelligence Executive
iptables -A INPUT -s 144.51.0.0/16 -j DROP #National Computer Security Center aka NAVY/NSA/.mil
iptables -A INPUT -s 199.196.128.0/19 -j DROP #Executive Office of Asset Forfeiture aka IRS/Treasury
iptables -A INPUT -s 198.137.240.0/23 -j DROP #Executive Office Of The President USA aka Whitehouse/EOP
iptables -A INPUT -s 164.117.0.0/16 -j DROP #Defense Information Systems Agency aka DOD
iptables -A INPUT -s 131.84.0.0/16 -j DROP #Defense Technical Information Cntr
iptables -A INPUT -s 140.185.0.0/16 -j DROP #Single Agency Manager aka Pentagon
iptables -A INPUT -m iprange --src-range 140.0.0.0-140.75.0.0 -j DROP #DOD Defense Informations Center
iptables -A INPUT -m iprange --src-range 214.0.0.0-215.255.255.255 -j DROP #DOD NIC
# Netcraft probe servers
iptables -A INPUT -s 83.138.189.0/24 -j DROP #Netcraft Owned Class C #1
iptables -A INPUT -s 194.72.238.0/24 -j DROP #Netcraft Owned Class C #2
iptables -A INPUT -s 195.92.0.0/16 -j DROP #Netcraft Owned Class B
iptables -A INPUT -s 64.160.19.0/24 -j DROP #Probe Server Network
iptables -A INPUT -s 65.170.220.0/24 -j DROP #Probe Server Network
iptables -A INPUT -s 68.10.141.0/24 -j DROP #Probe Server Network
iptables -A INPUT -s 71.133.134.0/24 -j DROP #Probe Server Network
iptables -A INPUT -s 128.223.189.0/24 -j DROP #Probe Server Network
iptables -A INPUT -s 141.154.104.0/24 -j DROP #Probe Server Network
iptables -A INPUT -s 142.103.93.0/24 -j DROP #Probe Server Network
# Blocks China
# Requires Iptables with GeoIP and Xtables-addons (http://terminal28.com/how-to-block-countries-using-iptables-debian/)
iptables -A INPUT -m geoip --src-cc CN -j DROP
iptables -A INPUT -s  65.222.202.0/24 -j DROP
# Save
iptables-save