1 |
I think there is an easier way of doing this... |
2 |
|
3 |
Why not use the GEOIP IPTABLES patch and then just use this in your |
4 |
firewall: |
5 |
|
6 |
----------------------------------------------------------------------------------------- |
7 |
$IPTABLES -A INPUT -p tcp -m geoip --src-cc CN -j DROP |
8 |
$IPTABLES -A INPUT -p tcp -m geoip --src-cc KR -j DROP |
9 |
$IPTABLES -A INPUT -p tcp -m geoip --src-cc TW -j DROP |
10 |
$IPTABLES -A INPUT -p tcp -m geoip --src-cc HK -j DROP |
11 |
----------------------------------------------------------------------------------------- |
12 |
|
13 |
This way you have 4 simple rules which do the work of that entire script. |
14 |
|
15 |
|
16 |
On 10/10/05, Taka John Brunkhorst <antiwmac@×××××.com> wrote: |
17 |
> |
18 |
> nice but why do we need to block them? |
19 |
> ssh worms? or just lamers? |
20 |
> |
21 |
> -- |
22 |
> antiwmac@×××××.com |
23 |
> Taka John Brunkhorst |