Using geoip with iptables

September 7 2010 by admin in Uncategorized |No Comments
Hi, I have a dedicated web server in the US and it is receiving a lot of bogus requests from China, Brazil, Turkey.

From the log I see they are trying to brute force dovecot.

I host a website on this server, so I need dovecot just to read the emails customers send to me. This means I’m the only user of dovecot.

I thought to use geoip with iptables to ban all accesses to dovecot from countries other than mine.

I’m no expert of iptables and googling I found that it is possible to use it with geoip to specify which countries to ban. What i want, however, is to allow only accesses from my country. This way I don’t need to add new rules to iptables every time a new ip from a non banned country attacks me.

From what I understand, iptables uses the -j DROP switch to send matching packets to hell. What i want is to send non matching patterns to hell.

This way I use -m geoip –src-c my_country_code and I need to drop all packets from countries that are not my own.

View full post on Webmaster-Talk.com

Tags: , ,

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« »
Get Adobe Flash playerPlugin by wpburn.com wordpress themes


RSS Site FeedRSS Site Feed

© 1992-2011 DC2NET™, Inc. All Rights Reserved