[asterisk-users] IP ban list by country
Bill Kenworthy
billk at iinet.net.au
Mon Feb 14 01:12:30 CST 2011
On Sun, 2011-02-13 at 22:54 -0800, Steve Edwards wrote:
> On Mon, 14 Feb 2011, Bruce B wrote:
>
> > What sources do you use to limit SIP connecting customers to specific
> > countries by IP (e.g. allowing USA and not China). It would help me a
> > lot of you can note the sources you trust that are complete and up to
> > date.
>
> I compiled this list a few (6?) months ago by typing class A address
> blocks into Arin.net's 'whois' web page and noting which Regional Internet
> Registry it was allocated to.
>
> http://www.voip-info.org/wiki/view/allocated-class-a-ip-address-blocks
>
> After plonking this into a couple of production hosts, attacks of all
> ports dropped dramatically.
>
> I note there have been changes since then (128.0.0.0 was assigned to RIPE
> back in November), so if anybody wants to 'refresh' and post changes,
> please do.
>
Look at "geoip" and maxmind. Has a netfilter module to look up and
pass/block based on geo-location via the registry information.
Databases are available by subscription (fine grained, up to date) and a
more general one for free use.
see http://people.netfilter.org/peejix/geoip/howto/geoip-HOWTO.html
Its been awhile since Ive used it and had to drop it because I needed
access from the problem areas :( - but it worked very well at the time.
BillK
More information about the asterisk-users
mailing list