Is using a blacklist in iptables a good strategy?

David Leangen netfilter at
Wed Nov 30 15:51:58 CET 2005


> > I'm getting a little fed up with break-in attempts happening every 
> > single day.

> My current way of doing this is using the ipt_recent
> so now I only block the 'strage connections' for some time...
> here's some copy/paste from my current ipt rule set

> it's a geoip patch for iptables, allows you to block entire countries,
> or you can allow connections from only certain countries.

Thanks for the great tips!


More information about the netfilter mailing list