Ban a whole country with an iptables script

Let’s say you want to completely ban a country from accessing your servers.. E.g. : countries that have very shallow internet laws

Note : in regards to Epe’s comment, this article has been updated with a newer script, which should be doing a better job. Please drop me a comment, I’d love to hear feedback !

This script will parse the RIPE database and generate the iptables rules automatically..

Download the script here : https://www.wains.be/pub/update_country_block_list

The output would look like this :

-A INPUT -s 62.217.192.0/18 -m state --state NEW -j DROP -A INPUT -s 62.231.64.0/18 -m state --state NEW -j DROP -A INPUT -s 80.74.48.0/20 -m state --state NEW -j DROP

Or like this if you just want blocks :

62.217.192.0/18 62.231.64.0/18 80.74.48.0/20

You can use the output with iptables or any other firewall




Thanks for reading this post!


Did you find an issue in this article?

- click on the following Github link
- log into Github with your account
- click on the line number containing the error
- click on the "..." button
- choose "Reference in new issue"
- add a title and your comment
- click "Submit new issue"

Your feedback is much appreciated! πŸ€œπŸΌπŸ€›πŸΌ

You can also drop me a line below!