Centos 6 Iptables Country Blocking Bash Script

6:28 am on May 21, 2012 (gmt 0)

I tried using this on my CentOS 6 server to block Russia and China but it doesn't appear to be working.


The script runs without a problem, but even after restarting the iptables service I still see accesses from IP addresses that I can confirm are in the pool of IPs that the script calls and is supposed to add to iptables.

On top of that, /etc/sysconfig/iptables is not altered at all.

Any idea why that isn't working on CentOS 6?
7:09 am on May 21, 2012 (gmt 0)

lammert (WebmasterWorld Senior Member)

The active list of iptables rules can be requested with "iptables -L -n -v". It could be that the active list is changed but not the stored list in /etc/sysconfig/iptables. The latter is saved manually with the iptables-save command, or during system shutdown if that has been configured in the iptables config.

One common mistake is that such an installation script is not started under user root. Only user root has enough privileges to change the iptables configuration.

One final warning: these scripts from external sources may intentionally or unintentionally change your firewall configuration in such a way that your system either becomes inaccessible or creates a hole for malicious visitors. Use them with care and always be sure that you fully understand how they work before running them. Also, having a backdoor for yourself in case the firewall locks up (for example through a remote console connection offered by your ISP) may save you a lot of work and frustration in case the system locks down.
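
The comparison between the active rule list and the stored list described in the reply above, as an added example that is not part of the original thread or the script the poster used. The function names, the `--live` switch and the sample rules (documentation address ranges) are assumptions made for illustration; with no argument the script runs on constructed sample dumps only.

```shell
#!/bin/sh
# Added example: compare the running iptables rules with the stored rule file.
SAVED=${SAVED:-/etc/sysconfig/iptables}   # stored list named in the thread

# Print rules found in dump $1 (running) that are absent from dump $2 (stored).
# Both are in iptables-save format; comments and packet counters are ignored.
unsaved_rules() {
    awk '
        /^#/ || /^$/ || /^COMMIT$/ { next }
        /^\*/ { table = $0; next }               # table marker: *filter, *nat, ...
        { sub(/^\[[0-9]+:[0-9]+\] /, ""); sub(/ \[[0-9]+:[0-9]+\]$/, "")
          key = table " " $0 }                   # same rule text in two tables stays distinct
        FILENAME == ARGV[1] { stored[key]; next }
        !(key in stored) { print key }
    ' "$2" "$1"
}

# Count DROP rules in dump $1 that match on a source address or network.
count_source_drops() {
    grep -Ec -- '-A .* -s [0-9./]+ .*-j DROP' "$1" || true
}

check_live() {   # inspects the real firewall; requires root
    [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; return 1; }
    [ -r "$SAVED" ] || { echo "cannot read $SAVED" >&2; return 1; }
    active=$(mktemp) || return 1
    iptables-save > "$active"
    echo "source-based DROP rules running: $(count_source_drops "$active")"
    echo "running but not stored in $SAVED:"
    unsaved_rules "$active" "$SAVED"
    rm -f "$active"
}

demo() {   # constructed sample dumps, not taken from any real host
    d=$(mktemp -d) || return 1
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -p tcp --dport 22 -j ACCEPT' 'COMMIT' > "$d/stored"
    printf '%s\n' '# constructed' '*filter' ':INPUT ACCEPT [812:90112]' \
        '-A INPUT -s 203.0.113.0/24 -j DROP' '-A INPUT -s 198.51.100.0/24 -j DROP' \
        '-A INPUT -p tcp --dport 22 -j ACCEPT' 'COMMIT' > "$d/active"
    unsaved_rules "$d/active" "$d/stored"
    rm -rf "$d"
}

if [ "${1:-}" = "--live" ]; then check_live; else demo; fi
```

Any rule listed by `--live` exists only in the running set; an empty list together with a source-based DROP count of zero means the blocking script never inserted its rules.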