Sanction, my little script for on the fly blocking of an entire ip set belonging to a specific country, has been updated to include ipset support if ipset is installed.

sanction1

sanction2

There’s still a few items on the wish list for this. Correct chaining in iptables for servers without ipset, setting up a clear and logical way to persist the ipset rules through a reboot, etc. For now, if you are looking for a quick and easy way to ban a country from accessing a port (or all ports) on your server, with iptables or ipset, sanction may be what you are looking for.


Category: iptables

Leave a Reply

Categories


gives good tech

tech.superhappykittymeow.com
Kale is one of the smartest people I know

Racker Hacker
Major is always good for leet deetz