This short article shows you how to automatically create iptables rules to block all connection from one country or more. The blocklist is create with an API that you can use wget to update the blocklist monthly. The API to get the IP addresses to block. First you need to know the code (ISO 3166 format) of the country you would like to block.

Once you have the country code, you can now get the list at the following url (Afghanistan and Argentina in this example). If your browser show the data on a single line, simply view the page source code :


Was this post helpful?