geoip_iptables_blocking
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
geoip_iptables_blocking [2016/03/08 15:02] – admin | geoip_iptables_blocking [2019/05/08 19:38] (current) – admin | ||
---|---|---|---|
Line 1: | Line 1: | ||
=====GeoIP for use with iptables (Debian 8 Jessie)===== | =====GeoIP for use with iptables (Debian 8 Jessie)===== | ||
+ | // | ||
+ | __**OUTDATED. MAXMIND stuff has changed. needs rework.**__// | ||
===install necessary software=== | ===install necessary software=== | ||
Line 43: | Line 45: | ||
</ | </ | ||
- | ===Bug hunting=== | + | ===Check your success=== |
- | (was on an arm machine, Linux hostname 3.16.0-4-kirkwood #1 Debian 3.16.7-ckt20-1+deb8u4 (2016-02-29) armv5tel GNU/Linux) | + | |
+ | Lets take a look at the attack statistics | ||
+ | |||
+ | {{ :: | ||
+ | |||
+ | phew, 0 attacks since i use GeoIP Tables blocking. I don't need my blocklist.de account anymore. At least not for SSH attacks. | ||
+ | |||
+ | |||
+ | ------------------------------- | ||
+ | |||
+ | Samesame for raspian on raspberry | ||
+ | |||
+ | Install linux kernel headers | ||
+ | |||
+ | < | ||
+ | apt-get update && sudo apt-get install git bc libncurses5-dev libtext-csv-xs-perl autoconf automake libtool xutils-dev iptables-dev -y | ||
+ | |||
+ | wget https://raw.githubusercontent.com/ | ||
+ | |||
+ | cd ~ | ||
+ | rpi-source | ||
+ | </ | ||
+ | |||
+ | Install xtables-addons | ||
+ | |||
+ | < | ||
+ | git clone git:// | ||
+ | cd xtables-addons | ||
+ | ./ | ||
+ | ./ | ||
+ | make -j5 | ||
+ | make install | ||
+ | depmod | ||
+ | reboot | ||
+ | |||
+ | cat /proc/net/ip_tables_matches | ||
- | < | ||
- | limit | ||
conntrack | conntrack | ||
conntrack | conntrack | ||
conntrack | conntrack | ||
multiport | multiport | ||
+ | geoip | ||
udplite | udplite | ||
udp | udp | ||
tcp | tcp | ||
icmp | icmp | ||
- | </ | ||
- | |||
- | no geoip, thats not cool. | ||
- | |||
- | Solution: | ||
- | |||
- | < | ||
- | aptitude install module-assistant | ||
- | *** time to get a cup of coffee *** | ||
- | module-assistant --verbose --text-mode auto-install xtables-addons | ||
</ | </ |
geoip_iptables_blocking.txt · Last modified: 2019/05/08 19:38 by admin