There is a kernel module which you can build yourself. Or you can write
a script to generate huge iptables rules from your geoips details.
You should be careful to update it regularly. And also keep in mind that
long time 'unallocated' ranges are now allocated.
1/8 for example, a large chunk of which is now allocated to Optus 3g via
APNIC.
Dean
On 11/10/10 13:29, Ben Donohue wrote:
Hi all,
I'm running an ecommerce site and currently I only deal with Australian
shoppers.
However there are many hacking attempts from non Aussie IP addresses.
I'm looking at blocking everything that is non-Australian.
Has anyone done this? Any issues/ gotcha's/ tips/ etc?
Should I do it at the ISP or iptables? (would need a hand with IP tables)
I've found geoip, still looking into it.
--
http://fragfest.com.au
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
