By: Sinklar

Fail2ban/iptables - Allow selected countries only

December 13, 2014 1.2k views

Hello,

On Ubuntu, is it possible to add location-based rules to Fail2ban and/or iptables? I'd like to block all SSH, SMTP, IMAP, etc. connection attempts except those incoming from selected countries.

For example, I know the countries where the few people I need to allow SSH for are located.

Thanks!

1 Answer

Here is a great walkthrough of some simple SSH security:

http://bodhizazen.net/Tutorials/SSH_security

In your case, of note is the TCP Wrapper section:
http://bodhizazen.net/Tutorials/SSH_security#TCP

From what I have read you can just set hosts.deny to:


 ALL: PARANOID

and then add the IPs of the users you want to allow...

I would be keen to hear other ideas on this as well.
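
For the iptables half of the question, one common approach is an ipset allowlist matched from a single iptables rule. The script below is an added example, not part of the thread: it validates a CIDR list and prints the `ipset restore` input plus the SSH rules. The set name, port 22 and the sample ranges (RFC 5737 documentation blocks standing in for a real per-country list) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). SET_NAME, port 22 and the sample
# CIDRs are assumptions; RFC 5737 documentation ranges stand in for a real
# per-country CIDR list.
SET_NAME="allowed_countries"

# Succeed only if $1 is a well-formed IPv4 CIDR such as 192.0.2.0/24.
is_ipv4_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        NF != 5 { exit 1 }
        { for (i = 1; i <= 5; i++) if ($i !~ /^[0-9]+$/) exit 1
          for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 > 32) exit 1 }'
}

# Read CIDRs on stdin (one per line, "#" comments allowed) and print input
# for "ipset restore". Malformed entries are reported on stderr and skipped,
# so a bad line does not abort the restore midway.
build_ipset_restore() {
    echo "create $SET_NAME hash:net family inet"
    echo "flush $SET_NAME"
    while IFS= read -r line; do
        cidr=$(printf '%s\n' "$line" | sed 's/#.*//' | tr -d '[:space:]')
        [ -z "$cidr" ] && continue
        if is_ipv4_cidr "$cidr"; then
            echo "add $SET_NAME $cidr"
        else
            echo "skipped invalid entry: $cidr" >&2
        fi
    done
}

# Print (not run) the rules: keep established sessions, accept new SSH only
# from the set, drop all other SSH.
print_iptables_rules() {
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A INPUT -p tcp --dport 22 -m set --match-set $SET_NAME src -j ACCEPT"
    echo "iptables -A INPUT -p tcp --dport 22 -j DROP"
}

# Constructed sample input; as root, pipe the first output to
# "ipset restore -exist" and then run the printed iptables commands.
build_ipset_restore <<'EOF'
192.0.2.0/24      # constructed: office range
198.51.100.0/24
203.0.113.0/33    # invalid prefix length, skipped
EOF
print_iptables_rules
```

Load the set before adding the rules, and keep an existing session open while testing so a mistake in the list does not lock you out.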
