Gentoo Archives: gentoo-security

From: Dave Strydom <strydom.dave@×××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] If your interested
Date: Mon, 10 Oct 2005 05:13:50
In Reply to: Re: [gentoo-security] If your interested by Taka John Brunkhorst
I think there is an easier way of doing this...

Why not use the GEOIP IPTABLES patch and then just use this in your

$IPTABLES -A INPUT -p tcp -m geoip --src-cc CN -j DROP
$IPTABLES -A INPUT -p tcp -m geoip --src-cc KR -j DROP
$IPTABLES -A INPUT -p tcp -m geoip --src-cc TW -j DROP
$IPTABLES -A INPUT -p tcp -m geoip --src-cc HK -j DROP

This way you have 4 simple rules which do the work of that entire script.

On 10/10/05, Taka John Brunkhorst <antiwmac@×××××.com> wrote:
> > nice but why do we need to block them? > ssh worms? or just lamers? > > -- > antiwmac@×××××.com > Taka John Brunkhorst


Subject Author
Re: [gentoo-security] If your interested Ben Anderson <ben@××××××××××××××××××.au>
Re: [gentoo-security] If your interested Elisamuel Resto <user00265@×××××.com>