Question

Fail2ban/iptables - Allow selected countries only

Posted December 13, 2014 2.6k views

Hello,

On Ubuntu, is it possible to add location-based rules to Fail2ban and/or iptables? I’d like to block all SSH, SMTP, IMAP, etc. connection attempts except those incoming from selected countries.

For example, I know the countries where the few people I need to allow SSH for are located.

Thanks!

1 answer

Here is a great walkthrough of some simple SSH security:

http://bodhizazen.net/Tutorials/SSH_security

In your case, of note is the TCP Wrapper section:
http://bodhizazen.net/Tutorials/SSH_security#TCP

From what I have read, you can just set hosts.deny to:

 ALL: PARANOID

and then add the IPs of the users you want to allow…

I would be keen to hear other ideas on this as well.
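One way to do the country allow-list the question asks about at the iptables level, as an added example that is not part of the original answer: a script that turns a list of CIDR ranges into `ipset restore` input and prints the matching iptables rule for review. The set name `allow_cc`, the port list, and the sample ranges are assumptions; the script also assumes you already have per-country CIDR lists from a source you trust, and it applies nothing itself.

```shell
#!/bin/sh
# Added example: emit an ipset allow-list plus the iptables rule that uses it.
# Output is text only; review it, then load it as root.

SET_NAME="allow_cc"     # hypothetical set name
PORTS="22,25,143"       # SSH, SMTP, IMAP, as named in the question

# Read CIDR lines on stdin, print `ipset restore` input on stdout.
# Comments, blank lines and anything not shaped like IPv4 CIDR are dropped
# (shape check only; ipset itself rejects out-of-range octets on load).
gen_ipset_restore() {
    echo "create $SET_NAME hash:net family inet"
    sed -e 's/#.*//' -e 's/[[:space:]]//g' |
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' |
    sort -u |
    while read -r cidr; do
        echo "add $SET_NAME $cidr"
    done
}

# Print the rule that drops NEW connections to the listed ports when the
# source address is not in the set. Insert it only after the set is loaded
# and contains your own address, or you will lock yourself out of SSH.
gen_iptables_rule() {
    echo "iptables -I INPUT -p tcp -m multiport --dports $PORTS" \
         "-m conntrack --ctstate NEW -m set ! --match-set $SET_NAME src -j DROP"
}

# Constructed sample input (documentation ranges, not real country data).
sample_zone() {
cat <<'EOF'
# constructed sample
203.0.113.0/24
198.51.100.0/24   # trailing comment
not-a-cidr
203.0.113.0/24
EOF
}

# Demo: show what would be loaded.
# Real use: cat country1.zone country2.zone | gen_ipset_restore | ipset restore -exist
sample_zone | gen_ipset_restore
gen_iptables_rule
```

Fail2ban can keep running alongside this to ban abusive addresses inside the allowed ranges.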
