Blocking an entire country IP range or TLD with iptables
Friday, September 7th, 2007 at 12:16 pm
| 6,865 views
| trackback url
I’ve had some trouble on our production webservers from entire countries hammering and abusing the services we provide. It used to be a good chunk of Brazil, but now it appears to be Costa Rica.
I found this useful tool that lets me see the ranges used by these countries. For example, I put in 200.91.76.117 and it returns this useful output:
Country = Costa Rica Decimal IP Range = 3361423360 - 3361456127 Dot IP Range = 200.91.64.0 - 200.91.191.255
From here, I use iptables and issue the following:
$IPTABLES -A INPUT -m iprange --src-range 201.192.0.0-201.207.255.255 -p tcp -m tcp --dport 80 -j DROP
No more abuse from that entire country on port 80.