Country Ban?

Status
Not open for further replies.

jrosetto

Member
Apr 29, 2020
71
6
8
37
I have been looking for a solid solution for country ban through iptables or some other means but haven't found that perfect setup yet.

I was wondering if others were possibly doing the same and could provide some input on their experience with different options.

Fail2ban is busy all day long banning other countries that are hitting my servers. We only do business in the USA so I would love to find a way to only whitelist USA IP's through iptables and block everything else. I am having trouble finding a IP list that is current and getting frequent updates.

Suggestions or other options are appreciated!
 

bdmonsey

Member
Jul 23, 2019
146
6
18
42
I once picked this site up by one of the IT Expo's but i haven't tried it yet, You can try it and let me know how this works

At the same time, I started using IDT for my international calling, they only allow calls to country that I allow even though it gives me some more calls sometimes from customers that they can't call certain countries and I have to enable it, it still pays this headache vs getting robbed by voip attacks.

Good luck
 

mat1010

Member
Jun 8, 2019
56
13
8
Germany
Have you had a look at voipbl.org? You can also set parameters to whitelist specific countries to avoid false-positives. It helped me a lot to get rid of known networks that try to brute-force our setup.
 
  • Like
Reactions: iota

iota

New Member
May 29, 2020
24
8
3
USA
@mat1010 Thank you for sharing that! Will give it a shot too. They also offer on their website a form to report IPs that are making attempts on your system (for consideration to be added to the ban list).
 
  • Like
Reactions: mat1010

roger_roger

Member
Oct 12, 2016
198
19
18
69
I'm late to the party but I have developed an ACL that I put into my routers that block a lot of the bad guys. You can start off by just blocking some RIPE superblocks. If you want my ACL, just PM me and I'll send it to you.
 

mcs3ss2

Active Member
Sep 8, 2020
247
26
28
AU
hey guys

anyone can make an input

What should I put in place of XXXXXXXXX

Code:
voipbl[serial=XXXXXXXXXX]

this is for voipbl instructions mentioned above

EDIT - I am using Freeswitch/fusionPBX
 

trey168

New Member
Apr 14, 2020
8
0
1
36
I had looked awhile back at trying the following: https://linoxide.com/linux-how-to/block-ips-countries-geoip-addons/

I ended up just dropping everything in iptables and only allowing the IPs we own. We are an ISP but do not offer VoIP if customers are not on our network. We are going to spin up some servers in the next few weeks that will need to be accessed from the outside so I'm going to give that link a shot then.

Our publicly visible servers get hammered by China and Russia IPs 24/7, its kind of obnoxious.
 

gflow

Active Member
Aug 25, 2019
261
28
28
Will having so many rules in your IPtables using a tool like voipbl cause performance issues?
 
Status
Not open for further replies.