iptables - network firewall
First log the ip address if it matches criteria
/sbin/iptables -A INPUT -p tcp -s 59.104.0.0/15 --dport 25 -j LOG
## and then reject
#BLOCK / REJECT
/sbin/iptables -A INPUT -p tcp -s 59.104.0.0/15 --dport 25 -j DROP
Get the current firewall rules
[root@plain iptables]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
LOG tcp -- 59.104.0.0/15 anywhere tcp dpt:smtp LOG level warning
DROP tcp -- 59.104.0.0/15 anywhere tcp dpt:smtp
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Go to Linux Administration Country Specific Firewall Blacklist and run those commands on your server. Following are the changes I recommend:
# In addition to default REJECT entries, add the rules for LOG chain (before DROP/REJECT)
# Block the following lists IF YOU DON'T GET TRAFFFIC FROM THESE COUNTRIES ON THESE PORTS
# PORTS
# smtp 25(tcp), ssh 22(tcp),ftp 20,21(tcp),http 80(tcp),dns 53(udp),53(tcp)
# COUNTRIES
# TAIWAN, 22
REJECT tcp -- 210.244.0.0/16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 211.20.0.0/14 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 211.72.0.0/13 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 218.32.0.0/16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 218.34.0.0/15 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 218.160.0.0/12 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 218.184.0.0/16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 218.187.0.0/16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 219.68.0.0/14 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 219.80.0.0/15 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 219.84.0.0/14 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 219.90.0.0/18 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 219.91.0.0/17 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 220.128.0.0/12 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 220.228.0.0/15 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 220.247.128.0/19 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 221.120.0.0/18 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 221.120.64.0/19 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 221.169.0.0/16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 222.156.0.0/15 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 222.250.0.0/16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 222.251.0.0/17 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT tcp -- 222.251.0.0/17 0.0.0.0/0 reject-with icmp-port-unreachable
firewall - network security