How to block foreign IP access scripts

Note: This script has been debugged under CENTOS 6.

First run the following statement to obtain the IP network segment of mainland China, which will be saved as /root/china_ssr.txt

wget -q --timeout=60 -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | awk -F\| '/CN\|ipv4/ { printf( "%s/%d\n", $4, 32-log($5)/log(2)) }' > /root/china_ssr.txt

Save the following script as /root/allcn.sh and set executable permissions

mmode=$1 #The following statements can be executed individually, and there is no need to obtain the network segment table every time it is executed. #wget -q --timeout=60 -O- 'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' | awk -F\| '/CN\|ipv4/ { printf ("%s/%d\n", $4, 32-log($5)/log(2)) }' > /root/china_ssr.txt CNIP="/root/china_ssr.txt" gen_iplist() { cat /dev/null iptables -D INPUT -p tcp -j ALLCNRULE 2>/dev/null iptables -X ALLCNRULE 2>/dev/null ipset -X allcn 2>/dev/null } mstart() { ipset create allcn hash:net 2>/dev/null ipset -! -R <<-EOF $(gen_iplist | sed -e "s/^/add allcn /") EOF iptables -N ALLCNRULE iptables -I INPUT -p tcp -j ALLCNRULE iptables -A ALLCNRULE -s 127.0.0.0/8 -j RETURN iptables -A ALLCNRULE -s 169.254.0.0/16 -j RETURN iptables -A ALLCNRULE -s 224.0.0.0/4 -j RETURN iptables -A ALLCNRULE -s 255.255.255.255 -j RETURN #You can add your public network segment here to avoid being unable to access it when debugging ipset. iptables -A ALLCNRULE -m set --match-set allcn src -j RETURN iptables -A ALLCNRULE -p tcp -j DROP } if [ "$mmode" == "stop" ] ;then flush_r exit 0 fi flush_r sleep 1 mstart

Execute:

/root/allcn.sh

After running, foreign IP cannot access the website.

If you want to stop, execute the following command to reply to foreign IP access to the website:

/root/allcn.sh stop

Restore access to website from foreign IP after operation

In addition: CN-ip address library

• https://github.com/17mon/china_ip_list

Recommended site searches: Mainland China site group server, server space rental, US unlimited content hosting, Japan’s fastest network server, Mainland China proxy server IP, free virtual host, Taiwan server rental, domain name registration, PHP hosting space , Private server rental,