I’ve been using my mod of this handy script to block countries with iptables. One issue with the script is that it is adding rules one-by-one using the iptables -A syntax. This is the proper way to add rules, but it does take a long while. And here’s how you can make it orders of magnitude faster.

Here’s the basic process in the original script:

Here’s what I have in my revised version:

The iptables command is called after all the rules are already in the config file, and not for every single rule, of which there may be tens of thousands.

Here’s the actual code for this:

 

Leave A Reply

Please enter your comment!
Please enter your name here