How to limit SSH access or visit my website by country? - firewalld-users - Fedora Mailing-Lists

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

How to limit SSH access or visit my website by country?

Looking for a command to show the...

Useful rich rules.

Jason Long

Friday, 29 January 2021 Fri, 29 Jan '21

7:02 a.m.

Hello, I read "https://people.netfilter.org/acidfu/geoip/howto/" article and it is about to limit SSH access by country with iptables. How can I implement it with Firewalld? Thank you.

Reply

Show replies by date

Eric Garver

Monday, 1 February Mon, 1 Feb

6:39 a.m.

On Fri, Jan 29, 2021 at 01:02:29PM -0000, Jason Long wrote:

Hello, I read "https://people.netfilter.org/acidfu/geoip/howto/" article and it is about to limit SSH access by country with iptables. How can I implement it with Firewalld?

The common approach is to use ipsets. You can find a list of country IP addresses in CIDR notation. This can be fed into firewalld and then the ipset added as a source to the `block` zone. # firewall-cmd --permanent --new-ipset country --type="hash:net" # firewall-cmd --permanent --ipset country --add-entries-from-file=filename # firewall-cmd --permanent --zone block --add-source ipset:country Hope that helps. Eric.

Reply

1179

days inactive

1182

days old

firewalld-users@lists.fedorahosted.org

Manage subscription

1 comments

2 participants

tags (0)

participants (2)

Eric Garver
Jason Long