How to Use “ipset” to Block IPs from Country

Previously we learned how we can restrict or allow a particular country using GeoIP but in this article, we’ll cover how we can block large IP ranges using ipset module with iptables. IPset is a command line based utility which is used to administer the framework called IP sets inside the Linux kernel. An IP set may store IP addresses, networks, (TCP/UDP) port numbers, MAC addresses, interface names or combinations of them in a way, which ensures lightning speed when matching an entry against a set. It is an associative application for the iptables Linux firewall which allows us to setup rules quickly and easily to block a set of IP addresses. Here, we’ll see how we can use ipset module with iptables to block a large ranges of IP addresses in our linux based machine.

Source: How to Use “ipset” to Block IPs from Country (LinOxide)

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recent Posts

Recent Comments

Archives

Categories

Meta

GiottoPress by Enrique Chavez

%d bloggers like this: