yes there is: http://people.netfilter.org/peejix/geoip/howto/geoip-HOWTO-2.html it's a geoip patch for iptables, allows you to block entire countries, or you can allow connections from only certain countries. Dave ================== On 11/29/05, David Leangen <netfilter@xxxxxxxxxxx> wrote: > > Hello, > > I don't know why, but I'm getting a little fed up with break-in attempts > happening every single day. > > Do I just have to accept this as a fact of life? > > > I started keeping a list of IP addresses that I'm just going to > blacklist, but this does not seem like a maintainable solution. For now, > I'm just adding lines like so: > > ... > -A INPUT -s xxx.xxx.xxx.xxx -j BLACKLIST > ... > -A BLACKLIST -j DROP > ... > > What is common practice? > > > Is it possible to blacklist any packets that come from a server from a > given country? > > > Thanks for the advice! > Dave > > > >
