
Earlier today I came across the ability to do country code blocking of connections using iptables (http://www.cyberciti.biz/faq/block-entier-country-using-iptables/). I was wondering if this is possible using firewalld since that is currently what I am using on CentOS servers for a firewall.

Realistically a whitelist of countries would work just as well, since really only one country should have people attempting to connect to it.

Any direction or advice on how to do this would be really appreciated.

Jeremy Battle
  • Were you looking for [sf]? And are you _absolutely 100% certain_ you need to do this? Unless mandated by law, the answer is probably no. You will lock out much more than you expect and annoy a percentage of your customers greatly. See also: [What is the XY problem?](http://meta.stackexchange.com/q/66377/189912) – Michael Hampton Apr 19 '15 at 15:58
  • You are right, this makes more sense on Server Fault; I will move it if someone can go ahead and close this for me. To get to the point in reference to your XY problem suggestion: I have a handful of people who should be accessing the server, and the server is getting a large number of brute force attempts each night. There is no password auth on the box, and there is a max of 3 login attempts and a long grace period on failed logins, so I am not really concerned with it but would like some guidance in further securing the box. I will rephrase my question when I post to Server Fault to reflect this. – Jeremy Battle Apr 19 '15 at 18:35
  • The #1 solution for brute forcers is fail2ban. – Michael Hampton Apr 19 '15 at 18:45
