[olug] list of United States IP blocks
Christopher Cashell
topher-olug at zyp.org
Sat Jan 13 15:48:18 CST 2018
On Fri, Jan 12, 2018 at 6:22 PM, Lou Duchez <lou at paprikash.com> wrote:
> How would one get a list of United States IP blocks from GeoIP?
>
> I want to load US IPs into iptables and thus keep much of the riffraff out.
I don't know that there's a great way to do it that won't get you in
trouble. Most GeoIP databases are "databases" or otherwise large sets that
may be challenging for iptables. I suppose you could make use of the ipset
features in recent iptables, but GeoIP databases tend to get updated
semi-regularly, and you'll want to track those updates or risk challenges.
I think I remember hearing about an iptables module that could query
externally for a GeoIP DB, but I've never actually looked into it.
Are you looking to "lock down" specific services? Is this for ssh? Web?
Other? The reason I ask, is that there may be other options that can help
reduce your attack surface is simpler, lower maintenance, and less
cumbersome ways.
--
Christopher
More information about the OLUG
mailing list