crowetic/QORTector-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added to block-china script

Browse Source
This commit is contained in:
crowetic 2024-10-19 22:11:01 -07:00
parent 37787b8bb7
commit 18744a5460
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
block-china.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Block Chinese IP ranges # List of Chinese IP ranges
declare -a ip_ranges=( declare -a ip_ranges=(
"36.0.0.0/8" "36.0.0.0/8"
"39.0.0.0/8" "39.0.0.0/8"
@ -32,14 +32,19 @@ declare -a ip_ranges=(
"203.0.0.0/8" "203.0.0.0/8"
) )
# Loop through the IP ranges and add iptables rules to block them # Loop through the IP ranges and add iptables rules to block inbound and outbound traffic
for ip_range in "${ip_ranges[@]}" for ip_range in "${ip_ranges[@]}"
do do
# Block inbound traffic
sudo iptables -A INPUT -s $ip_range -j DROP sudo iptables -A INPUT -s $ip_range -j DROP
echo "Blocked IP range: $ip_range" echo "Blocked inbound traffic from IP range: $ip_range"
# Block outbound traffic
sudo iptables -A OUTPUT -d $ip_range -j DROP
echo "Blocked outbound traffic to IP range: $ip_range"
done done
# Add connection limit rule # Add connection limit rule on port 12392
sudo iptables -A INPUT -p tcp --syn --dport 12392:12392 -m connlimit --connlimit-above 15 --connlimit-mask 32 -j REJECT --reject-with tcp-reset sudo iptables -A INPUT -p tcp --syn --dport 12392:12392 -m connlimit --connlimit-above 15 --connlimit-mask 32 -j REJECT --reject-with tcp-reset
echo "Connection limit rule added on port 12392" echo "Connection limit rule added on port 12392"