Welcome to WebmasterWorld Guest from

Forum Moderators: bakedjake

Message Too Old, No Replies

Centos 6 Iptables Country Blocking Bash Script

6:28 am on May 21, 2012 (gmt 0)

New User

5+ Year Member

joined:Mar 22, 2006
posts: 7
votes: 0

I tried using this on my Centos 6 server to block Russia and China but it doesn't appear to be working.


The script runs without a problem but even after restarting iptables service I still see accesses from ip addresses that I can confirm are in the pool of ips that the script calls and is suppose to ad to iptables.

On top of that, /etc/sysconfig/iptables is not altered at all.

Any idea why that isn't working on Centos 6?
7:09 am on May 21, 2012 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts: 2886
votes: 1

The active list of iptables rules can be requested with "iptables -L -n -v" It could be that the active list is changed but not the stored list in /etc/sysconfig/iptables. The latter is saved manually with the iptables-save command, or during system shutdown if that has been configured in the iptables config.

One common mistake is that such an installation script is not started under user root. Only user root has enough privileges to change the iptables configuration.

One final warning, These scripts from external sources may intentionally or unintentionally change your firewall configuration in such a way that your system becomes either inaccessible, or create a hole for malicious visitors. Use them with care and always be sure that you fully understand how they work before running them. Also having a backdoor for yourself in case the firewall locks up (for example through a remote console connection offered by your ISP) may save you a lot of work and frustration in case the system locks down.

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members