Portal Home > Knowledgebase > Articles Database > Selectively allow countries in iptables, ban everyone else
Selectively allow countries in iptables, ban everyone else
| Posted by gpl24, 08-07-2008, 02:28 AM |
| This is sort of the opposite of "how can I ban _____ country".
I think it would be easier to ALLOW countries selectively, and deny any contact from anywhere else.
Is something like this feasible without using an offsite script?
I realize this would not have any effect on those using proxies or offshore ISPs.
|
| Posted by CodyRo, 08-07-2008, 03:03 AM |
| A whitelist approach could be dangerous for webhosting (assuming this is where you want to apply it) for a simple reason: what if you forget to add a country and they try to visit your site?
Any who - I'm not sure of a existing script, though you should be able to utilize GeoIP and just make a simple "if not in whitelisted countries - iptable reject".
|
| Posted by gpl24, 08-07-2008, 03:24 AM |
| Nope, would not be used in web hosting. More of a targeted site, to only particular countries of the world.
I am very tempted to try and figure this out on my own, but I'm interested in knowing if anyone else has achieved this before and what their experience was.
|
| Posted by irpr, 08-19-2008, 02:25 AM |
| You can use iptables/GeoIP together easily using iptables GeoIP match
Check this out
|
Add to Favourites 
Print this Article
Also Read
Shared Hosting
Shared Hosting
