Difference between revisions of "Ubuntu Geo-Restricted SSH Access"
From Notes_Wiki
(Created page with "Home > Ubuntu > Server or Desktop administration > Ubuntu Geo-Restricted SSH Access = Step 1: Install the ipset package = <pre> sudo apt install ipset </pre> = Step 2: Download India IP ranges = <pre> wget https://www.ipdeny.com/ipblocks/data/countries/in.zone -O /tmp/in.zone </pre> = Step 3: Create an ipset for India = <pre> sudo ipset create india hash:net </pre> = Step 4: Add IP ranges into...") |
(No difference)
|
Revision as of 08:15, 1 October 2025
Home > Ubuntu > Server or Desktop administration > Ubuntu Geo-Restricted SSH Access
Step 1: Install the ipset package
sudo apt install ipset
Step 2: Download India IP ranges
wget https://www.ipdeny.com/ipblocks/data/countries/in.zone -O /tmp/in.zone
Step 3: Create an ipset for India
sudo ipset create india hash:net
Step 4: Add IP ranges into the ipset
while read ip; do sudo ipset add india $ip; done < /tmp/in.zone
Step 5: Verify current iptables rules
iptables -L INPUT --line-numbers
Step 6: Add iptables rules for SSH restriction
sudo iptables -A INPUT -p tcp --dport 22 -m set --match-set india src -j ACCEPT sudo iptables -A INPUT -p tcp --dport 22 -j REJECT
Step 7: Save iptables rules
sudo netfilter-persistent save
Step 8: Create rc.local for ipset persistence
sudo vim /etc/rc.local
Insert the following lines in /etc/rc.local:
#!/bin/bash ipset restore < /etc/ipset.conf exit 0
Make the file executable:
sudo chmod +x /etc/rc.local
Step 9: Save ipset and iptables to files
sudo sh -c "ipset save > /etc/ipset.conf" sudo sh -c "iptables-save > /etc/iptables/rules.v4"
r
Home > Ubuntu > Server or Desktop administration > Ubuntu Geo-Restricted SSH Access
