{"id":404,"date":"2014-07-05T03:25:20","date_gmt":"2014-07-05T03:25:20","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=404"},"modified":"2014-07-05T03:25:20","modified_gmt":"2014-07-05T03:25:20","slug":"%e7%94%a8-iptables-%e5%b1%8f%e8%94%bd%e6%9d%a5%e8%87%aa%e6%8c%87%e5%ae%9a%e5%9b%bd%e5%ae%b6%e7%9a%84ip","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/404.html","title":{"rendered":"\u7528 iptables \u5c4f\u853d\u6765\u81ea\u6307\u5b9a\u56fd\u5bb6\u7684IP"},"content":{"rendered":"<p>\u5728\u4f60\u5efablog\u7684\u65f6\u5019\u4f60\u5c31\u5e94\u8be5\u8003\u8651\u5230\u7f51\u7ad9\u88ab\u6076\u610f\u626b\u63cf\u7684\u60c5\u51b5\u4ee5\u53ca\u5e94\u5bf9\u65b9\u6cd5\uff0c\u4e00\u79cd\u6bd4\u8f83\u6781\u7aef\u548c\u76f4\u63a5\u7684\u65b9\u6cd5\u662f\u76f4\u63a5\u5c4f\u853d\uff08\u867d\u7136\u8bf4\u6211\u8fd8\u6ca1\u6709\u9047\u5230\u8fc7\u8fd9\u79cd\u60c5\u51b5\uff0c\u5f53\u7136\u6211\u4e5f\u4e0d\u5e0c\u671b\u9047\u5230\uff0c\u4f46\u662f\uff0c\u672a\u96e8\u7ef8\u7f2a\u5427\uff0c\u800c\u4e14\u4e5f\u662f\u4e2a\u719f\u6089shell\u811a\u672c\u7f16\u5199\u7684\u673a\u4f1a\uff0c\u7279\u5730\u5b66\u4e60\u4e00\u4e0b\uff09\uff0c\u5927\u4f53\u6b65\u9aa4\u5982\u4e0b\uff1a<\/p>\n<div><span style=\"color: #000000; font-size: medium;\">1.\u5148\u4e0b\u8f7d\u8981\u8fdb\u884c\u5c4f\u853d\u7684ip\u5730\u5740\u5217\u8868\u6587\u4ef6<br \/>\n\u6211\u4eec\u5148\u5230IPdeny\u4e0b\u8f7d\u4ee5\u56fd\u5bb6\u4ee3\u7801\u7f16\u5236\u597d\u7684ip\u5730\u5740\u5217\u8868\uff0c\u6bd4\u5982\u4e0b\u8f7dcn.zone\uff1a<br \/>\nwget <a href=\"http:\/\/www.ipdeny.com\/ipblocks\/data\/countries\/cn.zone\">http:\/\/www.ipdeny.com\/ipblocks\/data\/countries\/cn.zone<\/a><\/span><\/div>\n<div><\/div>\n<div><span style=\"color: #000000; font-size: medium;\">2.\u4f7f\u7528\u811a\u672c\u6765\u8fdb\u884c\u5c4f\u853d<br \/>\n\u73b0\u5728\u6709\u4e86\u56fd\u5bb6\u7684\u6240\u6709IP\u5730\u5740\uff0c\u8981\u60f3\u5c4f\u853d\u8fd9\u4e9b IP \u5c31\u5f88\u5bb9\u6613\u4e86\uff0c\u76f4\u63a5\u5199\u4e2a\u811a\u672c\u9010\u884c\u8bfb\u53d6\u8981\u5c4f\u853d\u7684IP\u5217\u8868\u6587\u4ef6\u5e76\u52a0\u5165\u5230iptables\u4e2d\uff1a<\/span><\/div>\n<div>\n<pre class=\"lang:sh decode:true \">#!\/bin\/bash\n# Block traffic from a specific country list\n# written by vpsee.com, rewrite by _zero\n\nCOUNTRY=('cn' 'hk' 'tw')\nIPTABLES=\/sbin\/iptables\nEGREP=\/bin\/egrep\n\nif [ \"$(id -u)\" != \"0\" ]; then\n\techo \"you must be root\" 1&gt;&amp;2\n\texit 1\nfi\n\nresetrules() {\n$IPTABLES -F\n$IPTABLES -t nat -F\n$IPTABLES -t mangle -F\n$IPTABLES -X\n}\n\nresetrules\n\nfor c in ${COUNTRY[@]}\ndo\n\twget \"http:\/\/www.ipdeny.com\/ipblocks\/data\/countries\/$c.zone\"\n\tcountry_file=$c.zone\n\n\tIPS=$($EGREP -v \"^#|^$\" $country_file)\n\tfor ip in $IPS\n\tdo\n\t\techo \"blocking $ip\"\n\t\t$IPTABLES -A INPUT -s $ip -j DROP\n\tdone\ndone\n\nexit 0<\/pre>\n<p>\u6839\u636e\u81ea\u5df1\u9700\u8981\u6dfb\u52a0\/\u5220\u9664\u8981\u5c4f\u853d\u7684\u6307\u5b9a\u56fd\u5bb6\u7684IP\u5373\u53ef\u3002<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u5728\u4f60\u5efablog\u7684\u65f6\u5019\u4f60\u5c31\u5e94\u8be5\u8003\u8651\u5230\u7f51\u7ad9\u88ab\u6076\u610f\u626b\u63cf\u7684\u60c5\u51b5\u4ee5\u53ca\u5e94\u5bf9\u65b9\u6cd5\uff0c\u4e00\u79cd\u6bd4\u8f83\u6781\u7aef\u548c\u76f4\u63a5\u7684\u65b9\u6cd5\u662f\u76f4\u63a5\u5c4f\u853d\uff08\u867d\u7136\u8bf4 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,7,25,12],"tags":[196,29,66],"class_list":["post-404","post","type-post","status-publish","format-standard","hentry","category-linux","category-programing","category-security","category-tools","tag-ipdeny","tag-iptables","tag-wget"],"views":5493,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=404"}],"version-history":[{"count":0,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/404\/revisions"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}