OpenWrt and blocking addresses from china
5,875
I am not sure if it is a good idea to block the IP addresses of a whole nation, especially a country with a huge number of IPs as China. It will slow down your firewall, and yet it is not that effective. If you insist, here is the list of IPs belonging to China. The best way to secure your ssh server is -
- Change the ssh port number to a higher port number
- Install tools such as
fail2ban
, which blocks an IP after a number of failed login attempts. - Use private/public key authentication.
You might find this tutorial useful.
Related videos on Youtube
Author by
Asken
Updated on September 18, 2022Comments
-
Asken over 1 year
I'm running OpenWrt on my router and I love it. My question is how do I block all china addresses from connecting to my firewall on port 22 in the router? 99.9999% of the unauthorized ssh connections are coming from there.
/K
-
Jure1873 about 11 yearsI would also suggest moving ssh to a different higher port as it usually drastically decreases the unauthorized connections
-