Installing xtables-addons on Raspbian

From Tomelec
Revision as of 23:42, 9 January 2015 by Tom (talk | contribs) (Created page with "=Why?= Annoyed by tons of SSH brutforce attacs, I was looking for a way to lock out connections coming from other countries than the desired ones. [http://xtables-addons.sourcefo...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Why?

Annoyed by tons of SSH brutforce attacs, I was looking for a way to lock out connections coming from other countries than the desired ones. xtables-addons got the geoip module which enables us to use rules like 

iptables -A INPUT -i wan -p tcp --dport 22 -m state --state NEW -m geoip ! --src-cc AT,DE -j GEOIP_BLOCK_LOG

This example would match on connections not originating from Austria (AT) or Germany (DE). I wanted to use it on a Raspberry Pi running Raspbian.

How?

Raspbian, a Debian based operating system for the Raspberry Pi, is a bit different to other Debian distributions when it comes to add kernel modules. The Kernel sources can not be installed using the packet manager but are downloaded and set up by a separate tool.

Getting the latest kernel and sources

Retrieved from "https://tomelec.net/w/index.php?title=Installing_xtables-addons_on_Raspbian&oldid=293"